IBM Sees Influx In Zero-day Exploits


IBM’s X-Force security team has released a mid-year report (PDF) stating that the number of zero-day exploits is growing at an alarming rate. For those of you unfamiliar with the term, a zero-day exploit is a program that is created and implemented within 24 hours of the disclosure of a security flaw. These exploits usually affect users before they even know the vulnerability exists and long before a patch is made available. The researchers also found that many of these exploits were targeted at browser plug-ins, which most users utilize on a daily basis.

[Kris Lamb], X-Force operations manager, is blaming the problem on a lack of a unified process for disclosing vulnerabilities. He also claims that the long-held practice of publishing example code of vulnerabilities should be frowned upon.

[via Liquidmatrix]

7 thoughts on “IBM Sees Influx In Zero-day Exploits”

  1. You link a Wikipedia article that you didn’t even read? That’s not what 0day is, even Wikipedia knows that: “A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities.”

    UNKNOWN. UNDISCLOSED. UNPATCHED.

    Keep making up definitions!

  2. Jesus christ. 0-day is not what you think it is. Anyone know of a blog that is like what hack a day used to be? Hardware hacks without this bullshit wanna be slashdot drivel?

  3. Bit of a “duh” in the Windows world, if I’m reading this correctly. The whole problem with Microsoft going on a set schedule for patches (Patch Tuesday, as it is so called) is that malicious individuals realize the best time to release is just AFTER patch Tuesday, eliminating the possibility of even a last-minute patch. And Microsoft’s stand is that they will not release patches outside of that day unless it is very severe. *shrug*

  4. Agreed with previous comments –
    Zero Day was referred to by a certain Mark Russinovich of SysInternals, now Microsoft (who revealed the Sony Rootkit fiasco) that actually means any vulnerabilities not even discovered/reported by official legitimate security firms.
    If a single immoral hacker finds a vulnerability in a system and develops an exploit, making money from it or not, and the world knows nothing of it, it's a Zero Day exploit.
    Where's this 24 hour from disclosure crap come from!?

  5. Kris Lamb is apparently an idiot. Why would any sane person suggest that exploits *not* be published? Sure there may not be a central authority (that would be a good thing), but not publishing exploits would be akin to saying “You know what? Exploit all you want, nobody will realize what you’re doing until it’s too late.”

    In addition, publishing exploits forces consumers and publishers alike to either wake up or get screwed. And if you’re too stupid to secure your browser, do we *really* want you to have any more money/power than you already do?
