1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

$90,000 zero-day exploit for sale: It could potentially impact all Windows OS versions

Discussion in 'Network World' started by RSS, Jun 1, 2016.

  1. RSS

    RSS New Member Member

    On the Russian underground forum exploit.in, seller “BuggiCorp” has a zero-day for sale that purportedly works against all versions of Windows. The price tag is $90,000.

    In the words of the email alerting me to this zero-day, this vulnerability “could affect almost all Windows machines on the planet.” If the local privilege escalation (LPE) vulnerability truly does exit in all versions of Microsoft Windows, from Windows 2000 up to Windows 10, then it could potentially impact “over 1.5 billion Windows users.”

    According to SpiderLabs security researchers at Trustwave, who found the post on a cybercriminal underground forum, “It seems the seller has put in the effort to present himself/herself as a trustworthy seller with a valid offering. One of the main indicators for this is the fact that the seller insists on conducting the deal using the forum's admin as the escrow.”

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page