Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Microsoft's "monkeys" find first zero-day exploit


  • Please log in to reply

#1
Chachazz

Chachazz

    Member 3k

  • Member
  • PipPipPipPipPipPip
  • 3,046 posts
Robert Lemos,
SecurityFocus 2005-08-08


Microsoft 's experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month.
Click here for Core Impact!

“ In terms of detection capabilities, it's a really elegant hack. The antivirus model -- scan for dangerous patterns -- can't find previously unknown attacks. ... No, the best way to find out if a web page, if executed, would attack the browser is to spawn a browser and let it execute potentially hostile code. ”

Known more formerly as the Strider Honeymonkey Exploit Detection System, the project uses automated Windows XP clients to surf questionable parts of the Web looking for sites that compromise the systems without any user interaction. In the latest experiments, Microsoft has identified 752 specific addresses owned by 287 Web sites that contain programs able to install themselves on a completely unpatched Windows XP system.

More @ Security Focus
  • 0

Advertisements


#2
Baggyboy

Baggyboy

    Member

  • Member
  • PipPipPip
  • 106 posts
Yeah, I too read this article on Security Focus. What seems more alarming to me is that there were exploits discovered by this project which were new and unpatched and therefore would be able to install on every single machine it encountered, not just unpatched ones, which IMHO are just asking for trouble!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP