What a lot of 0-Days

September 27, 2006 – 10:22 pm

There really seems to have been a lot of Windows 0-Days recently that are getting exploited before announcement by anyone?

The VML flaw is one and another PowerPoint one in the last 24 hours. Both where being exploited in the wild before they got looked at by the security community.

Something smells like the WMF flaw from the end of last year when the flaw was being bought and sold to be used for doing the nasty before if was made public. The history of the WMF exploit was that it was getting sold and used to compromise web users for a good month before the security industry got word of it. Begs the question, how long was the VML flaw getting used for malicious purposes before it got discovered.

Copyright © Stephen Kapp 1999-2008. Powered by WordPress

Creative Commons Attribution-NonCommercial-NoDerivs 2.0 UK: England & Wales
Creative Commons Attribution-NonCommercial-NoDerivs 2.0 UK: England & Wales