Vupen selling Windows 8 zero-day bug to highest bidder

Andre Yoskowitz
4 Nov 2012 13:05

French security firm has announced they are selling a Windows 8 zero-day exploit to the highest bidder.
Vupen writes: "Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed)."

The firm specializes in finding vulnerabilities in software, most notably from companies like Microsoft, Apple and Adobe.
However, Vupen is no saint. The company sells its research to third-parties, normally in governments and companies, without sharing the details with the affected software makers. The software makers can also purchase the research, and many do.

The new exploit is for the new Windows 8 OS, and also includes the Internet Explorer 10 browser. Vupen has not yet shared the details with Microsoft.

Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed) is ready for customers. Welcome #Windows8

-- VUPEN Security (@VUPEN) October 30, 2012

More from us
Tags
Exploits Windows 8 vupen security firm
We use cookies to improve our service.