Penetration Testing mailing list archives
Re: Trend Micro's Vista "0day exploit auction" claim
From: "Sels, Roger" <roger.sels () gov-fbi net>
Date: Tue, 19 Dec 2006 10:05:01 +0100 (CET)
On Tue, December 19, 2006 7:59 pm, Ryan Meyer wrote:
A number of popular tech news sources are reporting Trend Micro's CTO, Raimund Genes, publicly claiming that there are "auctions" for zero-day Windows Vista exploits. Further, he claims these auctions are fetching approx $50,000. Could anyone verify Trend Micro's claim? It seems dubious, at best, to me and possibly nothing more than pure FUD. Sorry to get off topic. Ryan Meyer
Hello Ryan Anything is possible. Whether or not it's FUD is totally irrelevant IMHO. Considering Vista officially launched on November 30*, what's the number of deployed servers at the moment? How many of these will be business/mission critical (thus "interesting")? Sure, the "bad guy" paying 50k for the exploit can sit around waiting for vulnerable vista's to pop up but if they're willing to pay that price they should get a developer/security researcher, lock him up in a basement with a server running vista and get (possibly) more (then 1) 0-day exploit(s). Kr Roger *: according to this link (chosen at random): http://www.cnn.com/2006/TECH/ptech/11/30/windows.vista.ap/index.html?eref=rss_tech According to the article, it will get in consumer's hands "as of January 30" -- Life is 10 percent what you make it and 90 percent how you take it. - Irving Berlin
Current thread:
- Trend Micro's Vista "0day exploit auction" claim Ryan Meyer (Dec 19)
- Re: Trend Micro's Vista "0day exploit auction" claim Sels, Roger (Dec 19)
- Re: Trend Micro's Vista "0day exploit auction" claim Radu Oprisan (Dec 19)
- Re: Trend Micro's Vista "0day exploit auction" claim Cody Tubbs (Dec 19)
- RE: Trend Micro's Vista "0day exploit auction" claim Chris Poulter (Dec 19)
- RE: Trend Micro's Vista "0day exploit auction" claim Sels, Roger (Dec 19)
- RE: Trend Micro's Vista "0day exploit auction" claim Chris Poulter (Dec 19)
- Re: Trend Micro's Vista "0day exploit auction" claim Cody Tubbs (Dec 19)
- Re: Trend Micro's Vista "0day exploit auction" claim Cody Tubbs (Dec 19)
- <Possible follow-ups>
- Re: Trend Micro's Vista "0day exploit auction" claim krymson (Dec 19)