Monday, July 24, 2006

"Zero-day Wednesdays"

Here is a ridiculous post on a "Zero-day Wednesday." Read it and ROLF (or 'ROFW', where 'W' is for weeping)

And this is the most uber-ridiculous part:

"Instead, either he or his bosses will use this information for corporate espionage, to create what's called a zero-day attack, using targeted Trojan horses that exploit an unpublished flaw. Worse, they'll wait until after Microsoft publishes its latest patches on the second Tuesday of the month."

So, lemme understand: you got this little research and you develop a 'kewl nu 0day." Next, instead of using it ASAP, you wait until MS finds the same bug, issues a patch on Tuesday and then -boom!- you go and attack someone with it... Riiiight! :-)

Dr Anton Chuvakin