News VUPEN sells Windows 8 zero-day vulnerability code

It'd be interesting to know what they sell it for in the end. It's probably quite a big blow for Microsoft, but I'm assuming no-one outside of VUPEN knows that it works? Could it all just be made up?

 

sounds like they are waiting for Microsoft to pay them for the disclosure,lol, based on what they do, VUPEN looks like a prosecution lawyer , on the other hand since its win8+ie10 (which recently was always the case), then a simple (as always) do not use IE10 is the temporary solution

 

What a bunch of arseholes

 

if they sold it to anyone other than micrsoft then surely they would open themselves upto and accessory as by definition this is "malitious" code

 

I'm surprised people like this aren't made to 'disappear' by MS

 

All code has loopholes in it, anyone ever seen a program without some kind of security issue

 

since code is written by humans, and windows 8 was probably worked on by hundreds if not thousands off peeps there will always be flaws, I think VUPEN should be held accountable for not disclosing responsibly to Microsoft the flaws they have found

 

Anyone else think Microsoft would benefit from just buying companies like VUPEN? If they are so good at finding exploits, just buy them and then step back and let them keep doing the dirty work they already do. Accept now its a benefit not a threat.

Maybe I'm missing the point but it would certainly make sense to me. Its like goverments hiring hackers... If you already know they are good at it, why don't you just make it more beneficial for them to work for you than against you?

 

This kind of behavior should be illegal. But who am I kidding, doing this, will make them sale it to teh balck market secretly, and make things worse.

 

People like this should be able to get prosecuted. If the exploit affects even a small percentage of win 8, it could be a disaister. Sure microsoft should pay them for it but they should be prevented from selling it to anyone else. Microsoft get screwed over enough as it is.

 

Testing should of found these flaws

 

@rollo its not simple as that though,Testing doesn't reveal every flaw a code and given the constrains the coders are given even if they found this specific flaw they may likely not embed the fix into the build in time.

 

if its only as simple as that buddy.. all systems have flaws, fixing the flaws fast is where is the measure on how good a company is

 

Guys did anyone think windows 8 wasn't going to be vulnerable? Even when the beta/CP was out there were working exploits against it.

 

If I wanted an OS that looks like Windows 8, I'd simply update to a newer Smart Phone. I plan on sticking with Windows 7 as long as possible.

As for VUPEN, I'm surprised that they can legally get away with this sort of behavior. From the sound of it, they aren't even trying to hide what they are doing.

 

/me applauds the proper use of "cracker." The difference is intent.

 

VUPEN is in France so should not be to hard for MS to do something to them as they are for the most part selling ways to bypass security in windows is illegal as they are contributing to users losing money when one of these 0day stuff happens

 

When is Windows 9 out?

 

Once. I believe I even have the source.

10 PRINT "Hello world."
20 END