IBM sees influx in zero-day exploits

posted Aug 26th 2008 4:56pm by Benjamin Eckel
filed under: firefox hacks, news, security hacks

IBM’s X-Force security team has released a mid-year report(PDF) stating that the number of zero-day exploits is growing at an alarming rate. For those of you unfamiliar with the term, a zero-day exploit is a program that is created and implemented within 24 hours of the disclosure of a security flaw. These exploits usually affect users before they even know the vulnerability exists and long before a patch is made available. The researchers also found that many of these exploits were targeted at browser plug-ins, which most users utilize on a daily basis.

[Kris Lamb], X-Force operations manager, is blaming the problem on a lack of a unified process for disclosing vulnerabilities. He also claims that the long-held practice of publishing example code of vulnerabilities should be frowned upon.

[via Liquidmatrix]

Read

Comments [7]

tagged: browser, firefox, ibm, plugin, x force, XForce, zero-day

Reader Comments

I thought it’d be common practice for the employees of security companies to be members of exploit rls sites? As they say, you can be whoever you want on the internet.

Posted at 6:47 pm on Aug 26th, 2008 by G

You link a Wikipedia article that you didn’t even read? That’s not what 0day is, even Wikipedia knows that: “A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities.”

UNKNOWN. UNDISCLOSED. UNPATCHED.

Keep making up definitions!

Posted at 9:16 pm on Aug 26th, 2008 by holycrap

Jesus christ. 0-day is not what you think it is. Anyone know of a blog that is like what hack a day used to be? Hardware hacks without this bullshit wanna be slashdot drivel?

Posted at 9:30 pm on Aug 26th, 2008 by rivetgeek

>Anyone know of a blog that is
>like what hack a day used to be?
>Hardware hacks without this
>bullshit wanna be slashdot drivel?

I know one ;)

Posted at 10:59 pm on Aug 26th, 2008 by miked

Bit of a “duh” in the Windows world, if I’m reading this correctly. The whole problem with Microsoft going on a set schedule for patches (Patch Tuesday, as it is so called) is that malicious individuals realize the best time to release is just AFTER patch Tuesday, eliminating the possibility of even a last-minute patch. And Microsoft’s stand is that they will not release patches outside of that day unless it is very severe. *shrug*

Posted at 11:08 pm on Aug 26th, 2008 by Eric

Agreed with previous comments –
Zero Day was referred to by a certain Mark Russinovich of SysInternals, now Microsoft (who revealed the Sony Rootkit fiasco) that actually means any vulnerabilities not even discovered/reported by official legitimate security firms.
If a single immoral hacker finds a vulnerability in a system and develops an exploit, making money from it or not, and the world knows nothing of it, its a Zero Day exploit.
Wheres this 24 hour from disclosure crap come from!?

Posted at 3:58 pm on Aug 27th, 2008 by Heliosphan

Kris Lamb is apparently an idiot. Why would any sane person suggest

that exploits *not* be published? Sure there may not be a central

authority (that would be a good thing), but not publishing exploits

would be akin to saying “You know what? Exploit all you want, nobody

will realize what you’re doing until it’s too late.”

In addition, publishing exploits forces consumers and publishers alike

to either wake up or get screwed. And if you’re too stupid to secure

your browser, do we *really* want you to have any more money/power than

you already do?

Posted at 5:59 am on Sep 5th, 2008 by srilyk

IBM sees influx in zero-day exploits

Recent Posts

Reader Comments

Leave a Reply

Hacks

Resources

RSS newsfeeds

Most commented on (30 days)

Recent comments