Got $90,000? A Windows 0-Day Could Be Yours

Discussion in 'other security issues & news' started by Dermot7, May 31, 2016.

  1. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    http://krebsonsecurity.com/2016/05/got-90000-a-windows-0-day-could-be-yours/
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    If the potential buyer had complete confidence that the "bug" was a powerful as they contend, and if the buyer knew they would be the ONLY one to ever have it (unless they leaked it), the price and worth would be much higher. The first use of such a "bug" could reap many times the cost in one harvest.

    I hate that Windows is such an accident waiting to happen. Left it long ago.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    It's a local privileges escalation exploit that could reek havoc on security protections that are policy based as many corp. and gov. based systems are.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Yes, they often combine these kind of bugs with holes found in browsers, in order to bypass browser sandboxes, for example. But they are not often used in wide scale attacks, that's the good news.
     
  5. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,171
    Appears EMET can't stop it either.
     
  6. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,977
    Location:
    Brasil
    Given how advanced malware is these days, it's completely possible to make it behave as a ligitimate software which has DRM and everything :argh:
     
  7. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,416
    I think the the seller is a scammer. You honestly won't find 0-days on exploit.in. Just a bunch of Russian crap.
     
  8. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    https://www.trustwave.com/Resources/SpiderLabs-Blog/Zero-Day-Auction-for-the-Masses/
     
Loading...