Browser exploits to be released in July
Thread Starter
Pic Whore
Joined: Jul 2004
Posts: 22,224
Likes: 1
From: NJ
Browser exploits to be released in July
A really interesting development this month is that HD Moore has been stockpiling browser exploits, and is intending to release one per day for the month of July... see http://browserfun.blogspot.com/ . Most will be Internet Explorer/Windows, and most will be denial of service (that is IE crashers) as opposed to code-running exploits, but here's the interesting part... just about any application crash can be turned into arbitrary code execution, if someone is determined enough to work at it. This presents Microsoft with a dilemma. They can't patch and test them all within the month, so which ones do they deal with first? And will the Bad Guys choose one, some or none, to turn into code executers? And how long will it take them?
Senior Member
Joined: Aug 2002
Posts: 3,181
Likes: 0
From: CA
this'll be interesting. as microsoft ramps up for the release of IE7, we get up to 31 more security problems with IE6. do they pull some resources from the IE7 team and possibly delay its release? do the problems also affect IE7 (i'm guessing yes)? ship IE7 with up to 31 security holes (why not... look at IE6)?....
