Welcome to the SecAware blog

I spy with my beady eye ...

18 Jun 2006

Zero-day exploits follow M$ patches

It is presumably just a coincidence that a zero-day Microsoft Excel vulnerability was acknowledged by Microsoft just a few days after this month's MS Patch Tuesday. It is conceivable, though, that major MS exploits might be released deliberately to coincide with Patch Tuesday since patches are unlikely to be released for at least another month. who knows? I'd say it is more likely that the black hats hope their exploits will remain just below the radar for as long as possible so the release timing is irrelevant.
Perhaps not such a coincidence: Symantec is reporting that a PowerPoint zero-day exploit was released just after July's M$ patch Tuesday.
More malware links

No comments:

Post a Comment