Vupen security company (France) will sell zero-day vulnerabilities in the operating system Windows 7 and Internet Explorer 8, Microsoft's latest.
Vupen is a French company specializing in finding vulnerabilities in software is widely used by companies like Microsoft, Adobe, Apple and Oracle. After finding flaws, Vupen not to share details with the affected software that will show the patch for the Government/corporate/. .. is to use the software, subject to paying for them, to help these organizations protect themselves against hackers attacks.
Vupen has found new problems appearing in the Windows operating system, Microsoft's new 8 and Internet Explorer 7 (IE10). This vulnerability has not been the correct or publicized.
This was discovered by Vupen is one of the first issues for Windows 8 and IE10, although many vulnerabilities have been found in the third-party software running on Windows 7.
The message on Twitter by Vupen was written Wednesday 31/10/2012, implying that the flaw would allow hackers to bypass the security technologies included in Windows 7, including the Address Space Layout Randomization (ASLR), anti-Return Oriented Programming (anti-ROP) and Data Execution Prevention (DEP). The company also pointed out that the flaw was not related to the issue of the Adobe's Flash multimedia System.
"Certainly, if the error is confirmed, then this could be a blow to Microsoft when Windows 8-platform are they billed as the most secure-that ' stick ' error as soon as released publicly," said Andrew Storms, Director of security operations for nCircle said.
So this vulnerability value? It's hard to say. Vupen not published prices publicly. But consultant Jody Melbourne company HackLabs (based in Sydney, Australia) said, "the value of this error will only increase over time if no one outside of Vupen found it"
No comments:
Post a Comment