|
Full Disclosure
mailing list archives
Re: Two bulletins from Microsoft on Patch Tuesday
From: n3td3v <xploitable () gmail com>
Date: Sat, 8 Nov 2008 14:45:31 +0000
There is no evidence of 0day in the wild for the upcoming patches and
Microsoft have released no information to suggest so.
On Fri, Nov 7, 2008 at 4:18 PM, <Valdis.Kletnieks () vt edu> wrote:
2) There's a very high chance that at least some percent of the black-hat
community is sitting on a 0-day exploit for these, that they've been using
for directed attacks under the radar (and in fact, a good chance that the
bulletin was issued because somebody's attack *didn't* go under the radar,
and that's how the white hats got a copy of the exploit). This bulletin
is a heads-up to those black hats that their 0-day is going to be dropping
in value a lot starting Tuesday - so it's "smoke em if you got em" time.
For bonus points - compute what percent of advisories released next week
that *claim* to be reverse-engineering of the binary diff are actually
drops of 0-days that just became useless... ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Two bulletins from Microsoft on Patch Tuesday, (continued)
| 
Intro
