Forgot your password?
typodupeerror
Bug Security Windows Technology

Microsoft Confirms Zero-Day Hours After Exploit 53

Posted by CmdrTaco
from the that's-sum-sploit dept.
CWmike writes "Microsoft confirmed on Tuesday an unpatched vulnerability in Windows just hours after a hacking toolkit published an exploit for the bug. A patch is under construction, but Microsoft does not plan to issue an emergency update to fix the flaw. The bug was first discussed Dec. 15 at a South Korean security conference, but got more attention Tuesday when the open-source Metasploit penetration tool posted an exploit module crafted by researcher Joshua Drake. Metasploit says successful attacks are capable of compromising victimized PCs, then introducing malware to the machines to pillage them for information or enlist them in a criminal botnet."
This discussion has been archived. No new comments can be posted.

Microsoft Confirms Zero-Day Hours After Exploit

Comments Filter:
  • Bashfest (Score:1, Interesting)

    by Microlith (54737)

    You should check out the one-sided bashfest that was posted on Ars Technica [arstechnica.com] over this.

    If the maintainer of the tool is to be believed, MS has known of this flaw for almost six months and done nothing, and had several days of notice that the new version was going to be released (not that the new version appears to have mattered.)

  • by BasharTeg (71923) on Tuesday January 04, 2011 @08:13PM (#34760402) Homepage

    Non-Affected Software
    Windows 7 for 32-bit Systems
    Windows 7 for x64-based Systems
    Windows Server 2008 R2 for x64-based Systems
    Windows Server 2008 R2 for Itanium-based Systems

    • Any version not using thumbnail view.

      Turn off thumbnail view.

    • So Windows doesn't give a flying fuck about any OS that's already EOLed or it's EOLing soon?

      Who woulda thunk it?
      • 1. Windows XP still has more market share [hitslink.com] (57%) than Windows Vista (12%) and Windows 7 (21%) combined. More to the point since Vista and XP are affected, more than three quarters of Windows systems are affected. They should care. We sure as hell care. If all Microsoft cares about is W7, that tells us a lot about their commitment to support and security. It's not 2002 [cnet.com] any more. It's now 2011, and if being "all in" in the cloud and "all in [infoworld.com]" in mobile, and committed to "Dynamics [devsource.com]" (whatever the heck that

    • by onionman (975962)

      Non-Affected Software...
      Windows Server 2008 R2 for Itanium-based Systems

      Good thing for that guy!

  • A co-worker and I have witnessed multiple attempts by CutePDF Writer to install itself, unbidden. I haven't ever used it, as far as I know and haven't been to any pages I can think of which would require me to save something in PDF. As a wary user I don't trust anything which just pops up without my asking, particularly to install software. Could this be the result of accessing a web page which is retrieving content from a compromised site? Seems such that the CutePDF install request could really be a s

    • by BitZtream (692029)

      I've found CutePDF bundled with a few other packages that seemed extremely odd, perhaps you installed it without noticing that you didn't uncheck a box on some stupid installer? It seems to be the next big thing for shoveling crapware (not that I think CutePDF is crapware, I actually like it) on people without them consenting. I say without consent not because they never give you the option to not install it (some do) but because they intentionally obscure the option or wording so you don't realize that i

      • by ackthpt (218170)

        I've found CutePDF bundled with a few other packages that seemed extremely odd, perhaps you installed it without noticing that you didn't uncheck a box on some stupid installer? It seems to be the next big thing for shoveling crapware (not that I think CutePDF is crapware, I actually like it) on people without them consenting. I say without consent not because they never give you the option to not install it (some do) but because they intentionally obscure the option or wording so you don't realize that its going to install something, or the make it an opt out, where you have to check to box to not install it rather than the natural assumption of checking it too install it.

        Second thing I did was look through all installed software - no CutePDF anywhere. I found a CutePDF.tmp running when checking tasks. It's highly unusual.

  • Oh, FORK THAT!

  • I always thought that "zero-day" means "before the product is released publicly" -- so eg "zero-day crack" would be a cracked, leaked copy of some software, "one-day exploit" would be an exploit found the same day it was released, etc. But now it seems that "zero-day" is being applied to absolutely every exploit ever. Am I totally mis-remembering? Mis-understanding? Can anyone explain?
    • The moment Microsoft confirmed the zero-day, it was no longer a zero-day. Microsoft can never become aware of a zero-day, because by doing so they make it a one-day.
    • We're talking about a zero day exploit not a zero-day release.

      With a zero-day exploit it means you had zero days of warning to patch the flaw before an exploit was spotted in the wild. So basically it means someone out there found this bug on their own and was using it for their own nefarious means before the good guys even knew about it the existence of the bug.

      Not every exploit is a zero-day one, but for some reason they are all called zero-day exploits now.

      This one doesn't seem like a zero-day exploit si

      • by Rashkae (59673)

        That is Microsoft's new definition of zero day. Traditionally, Zero day exploit means that the software maintainer/creator did not know about the flaw until after an exploit is in the wild. However, according to the summary, this flaw was publicly announced at a security conference December 15. So in Microsoft speach, Zero-day now means an exploit to a known flaw they never bothered to patch.

  • The article noted affecting a graphics rendering engine... There are lots of custom games on starcraft 2 and a LOT of players making their own maps...
  • They discovered an exploit to give us zero-day hours? And it's confirmed? W00t! Better call Stephen Hawking! ... oh.

  • Developpers needs to stop using int's when unsigned int's would have done the job.

    Then all those "oh god, we did not anticipate a negative number here!" bugs would be fixed already.

Parts that positively cannot be assembled in improper order will be.

Working...