1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News VUPEN sells Windows 8 zero-day vulnerability code

Discussion in 'Article Discussion' started by Gareth Halfacree, 2 Nov 2012.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,379
    Likes Received:
    7,210
  2. TheDodoKiller

    TheDodoKiller Minimodder

    Joined:
    23 Oct 2011
    Posts:
    585
    Likes Received:
    30
    It'd be interesting to know what they sell it for in the end. It's probably quite a big blow for Microsoft, but I'm assuming no-one outside of VUPEN knows that it works? Could it all just be made up?
     
  3. dyzophoria

    dyzophoria Minimodder

    Joined:
    3 May 2004
    Posts:
    393
    Likes Received:
    1
    sounds like they are waiting for Microsoft to pay them for the disclosure,lol, based on what they do, VUPEN looks like a prosecution lawyer :D , on the other hand since its win8+ie10 (which recently was always the case), then a simple (as always) do not use IE10 is the temporary solution
     
  4. theshadow2001

    theshadow2001 [DELETE] means [DELETE]

    Joined:
    3 May 2012
    Posts:
    5,284
    Likes Received:
    183
    What a bunch of arseholes
     
  5. sub routine

    sub routine Archie Gemel

    Joined:
    27 Sep 2007
    Posts:
    282
    Likes Received:
    2
    if they sold it to anyone other than micrsoft then surely they would open themselves upto and accessory as by definition this is "malitious" code
     
  6. lacuna

    lacuna Minimodder

    Joined:
    9 Aug 2004
    Posts:
    687
    Likes Received:
    18
    I'm surprised people like this aren't made to 'disappear' by MS
     
  7. deathtaker27

    deathtaker27 Modder

    Joined:
    17 Apr 2010
    Posts:
    2,238
    Likes Received:
    186
    All code has loopholes in it, anyone ever seen a program without some kind of security issue
     
  8. RichCreedy

    RichCreedy Hey What Who

    Joined:
    24 Apr 2009
    Posts:
    4,698
    Likes Received:
    172
    since code is written by humans, and windows 8 was probably worked on by hundreds if not thousands off peeps there will always be flaws, I think VUPEN should be held accountable for not disclosing responsibly to Microsoft the flaws they have found
     
  9. sixfootsideburns

    sixfootsideburns modeteer

    Joined:
    6 Feb 2009
    Posts:
    618
    Likes Received:
    9
    Anyone else think Microsoft would benefit from just buying companies like VUPEN? If they are so good at finding exploits, just buy them and then step back and let them keep doing the dirty work they already do. Accept now its a benefit not a threat.

    Maybe I'm missing the point but it would certainly make sense to me. Its like goverments hiring hackers... If you already know they are good at it, why don't you just make it more beneficial for them to work for you than against you?
     
  10. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    710
    This kind of behavior should be illegal. But who am I kidding, doing this, will make them sale it to teh balck market secretly, and make things worse.
     
  11. fdbh96

    fdbh96 What's a Dremel?

    Joined:
    29 May 2011
    Posts:
    1,894
    Likes Received:
    33
    People like this should be able to get prosecuted. If the exploit affects even a small percentage of win 8, it could be a disaister. Sure microsoft should pay them for it but they should be prevented from selling it to anyone else. Microsoft get screwed over enough as it is.
     
  12. rollo

    rollo Modder

    Joined:
    16 May 2008
    Posts:
    7,887
    Likes Received:
    131
    Testing should of found these flaws
     
  13. TheBitterNoob

    TheBitterNoob What's a Dremel?

    Joined:
    14 Mar 2012
    Posts:
    5
    Likes Received:
    0
    @rollo its not simple as that though,Testing doesn't reveal every flaw a code and given the constrains the coders are given even if they found this specific flaw they may likely not embed the fix into the build in time.
     
  14. dyzophoria

    dyzophoria Minimodder

    Joined:
    3 May 2004
    Posts:
    393
    Likes Received:
    1
    if its only as simple as that buddy.. all systems have flaws, fixing the flaws fast is where is the measure on how good a company is :)
     
  15. towelie

    towelie How do I Internet!!

    Joined:
    1 Sep 2011
    Posts:
    399
    Likes Received:
    10
    Guys did anyone think windows 8 wasn't going to be vulnerable? Even when the beta/CP was out there were working exploits against it.
     
  16. LordPyrinc

    LordPyrinc Legomaniac

    Joined:
    7 Mar 2008
    Posts:
    599
    Likes Received:
    6
    If I wanted an OS that looks like Windows 8, I'd simply update to a newer Smart Phone. I plan on sticking with Windows 7 as long as possible.

    As for VUPEN, I'm surprised that they can legally get away with this sort of behavior. From the sound of it, they aren't even trying to hide what they are doing.
     
  17. Kacela

    Kacela What's a Dremel?

    Joined:
    19 Apr 2011
    Posts:
    30
    Likes Received:
    0
    /me applauds the proper use of "cracker." :) The difference is intent.
     
  18. leexgx

    leexgx CPC hang out zone (i Fix pcs i do )

    Joined:
    28 Jun 2006
    Posts:
    1,356
    Likes Received:
    8
    VUPEN is in France so should not be to hard for MS to do something to them as they are for the most part selling ways to bypass security in windows is illegal as they are contributing to users losing money when one of these 0day stuff happens
     
  19. PingCrosby

    PingCrosby What's a Dremel?

    Joined:
    16 Jan 2010
    Posts:
    392
    Likes Received:
    7
    When is Windows 9 out?
     
  20. jb0

    jb0 Minimodder

    Joined:
    8 Apr 2012
    Posts:
    555
    Likes Received:
    93
    Once. I believe I even have the source.

    10 PRINT "Hello world."
    20 END
     
    Votick likes this.

Share This Page