Monday, July 24, 2006

"Zero-day Wednesdays"

Here is a ridiculous post on a "Zero-day Wednesday." Read it and ROLF (or 'ROFW', where 'W' is for weeping)

And this is the most uber-ridiculous part:

"Instead, either he or his bosses will use this information for corporate espionage, to create what's called a zero-day attack, using targeted Trojan horses that exploit an unpublished flaw. Worse, they'll wait until after Microsoft publishes its latest patches on the second Tuesday of the month."

So, lemme understand: you got this little research and you develop a 'kewl nu 0day." Next, instead of using it ASAP, you wait until MS finds the same bug, issues a patch on Tuesday and then -boom!- you go and attack someone with it... Riiiight! :-)

1 comment:

Anonymous said...

The way it has been written in that article does make it sound idiotic.

What is a pretty sensible tactic is to use an undisclosed vulnerability in an attack the day after a totally unconnected patch Tuesday. This gives a full month before a patch will be released, plenty of time to have several different exploits in use.

Dr Anton Chuvakin