Home page logo
/

bugtraq logo Bugtraq mailing list archives

RE: Trend Micro's Vista "0day exploit auction" claim
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Tue, 19 Dec 2006 21:55:44 -0500

I can't verify it. But $50K for an exploit against an OS that will not
be widely deployed for many months seems to be excessive. Who in their
right mind would want to pay $50K to exploit 10 machines before the
exploit is captured, sent to MS, and patched, all before the general
population really starts running it.

It doesn't pass the commonsense test to me. A zero day on XP Pro would
be oh, so much more valuable. 

-----Original Message-----
From: Ryan Meyer [mailto:lists () youthinkitweprintit com] 
Sent: Tuesday, December 19, 2006 1:59 PM
To: bugtraq () securityfocus com; pen-test () securityfocus com
Subject: Trend Micro's Vista "0day exploit auction" claim

A number of popular tech news sources are reporting Trend Micro's CTO,
Raimund Genes, publicly claiming that there are "auctions" for zero-day
Windows Vista exploits. Further, he claims these auctions are fetching
approx $50,000.

Could anyone verify Trend Micro's claim?

It seems dubious, at best, to me and possibly nothing more than pure
FUD.

Sorry to get off topic.

Ryan Meyer 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]