IBM sees influx in zero-day exploits


IBM’s X-Force security team has released a mid-year report (PDF) stating that the number of zero-day exploits is growing at an alarming rate. For those of you unfamiliar with the term, a zero-day exploit is a program that is created and implemented within 24 hours of the disclosure of a security flaw. These exploits usually affect users before they even know the vulnerability exists and long before a patch is made available. The researchers also found that many of these exploits were targeted at browser plug-ins, which most users utilize on a daily basis.

[Kris Lamb], X-Force operations manager, is blaming the problem on a lack of a unified process for disclosing vulnerabilities. He also claims that the long-held practice of publishing example code of vulnerabilities should be frowned upon.

[via Liquidmatrix]

Comments

  1. G says:

    I thought it’d be common practice for the employees of security companies to be members of exploit rls sites? As they say, you can be whoever you want on the internet.

  2. holycrap says:

    You link a Wikipedia article that you didn’t even read? That’s not what 0day is, even Wikipedia knows that: “A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities.”

    UNKNOWN. UNDISCLOSED. UNPATCHED.

    Keep making up definitions!

  3. rivetgeek says:

    Jesus christ. 0-day is not what you think it is. Anyone know of a blog that is like what hack a day used to be? Hardware hacks without this bullshit wanna be slashdot drivel?

  4. miked says:

    >Anyone know of a blog that is
    >like what hack a day used to be?
    >Hardware hacks without this
    >bullshit wanna be slashdot drivel?

    I know one ;)

  5. Eric says:

    Bit of a “duh” in the Windows world, if I’m reading this correctly. The whole problem with Microsoft going on a set schedule for patches (Patch Tuesday, as it is so called) is that malicious individuals realize the best time to release is just AFTER patch Tuesday, eliminating the possibility of even a last-minute patch. And Microsoft’s stand is that they will not release patches outside of that day unless it is very severe. *shrug*

  6. Heliosphan says:

    Agreed with previous comments –
    Zero Day was referred to by a certain Mark Russinovich of SysInternals, now Microsoft (who revealed the Sony Rootkit fiasco) that actually means any vulnerabilities not even discovered/reported by official legitimate security firms.
    If a single immoral hacker finds a vulnerability in a system and develops an exploit, making money from it or not, and the world knows nothing of it, it's a Zero Day exploit.
    Where's this 24 hour from disclosure crap come from!?

  7. srilyk says:

    Kris Lamb is apparently an idiot. Why would any sane person suggest that exploits *not* be published? Sure there may not be a central authority (that would be a good thing), but not publishing exploits would be akin to saying “You know what? Exploit all you want, nobody will realize what you’re doing until it’s too late.”

    In addition, publishing exploits forces consumers and publishers alike to either wake up or get screwed. And if you’re too stupid to secure your browser, do we *really* want you to have any more money/power than you already do?
