Zero day Wednesdays, Patch Tuesday under attack


Somewhere, perhaps in the United States but more likely somewhere in China, a man walks out of a nondescript building, casts his eyes upon the urban landscape around him after spending an eight-hour day staring at a computer screen, and lights a cigarette. He does not know his bosses by name or by face; he knows only that he is paid, and paid pretty well, for his research.

Like a legitimate computer security researcher, he uses automated testing tools against Microsoft Office software, probing for buffer overflows, pointer errors, or negative integers in Word, Excel, and PowerPoint. Unlike a legitimate security professional, he does not report what he finds to Microsoft.

Instead, either he or his bosses will use this information for corporate espionage, to create what's called a zero-day attack using targeted Trojan horses that exploit an unpublished flaw. Worse, they'll wait until after Microsoft publishes its latest patches on the second Tuesday of the month. They'll release their attacks the day after, when everyone's distracted by the new patches, a day we'll call Zero-day Wednesday.

Security Watch: Zero-day Wednesdays - CNET reviews

Linked by shanmuga Friday, 21st July 2006 11:53PM