Dec 11 2008

Chinese research team KnowSec inadvertently releases IE7 exploit code

Published by at 4:39 pm under Uncategorized

From the Register:

Chinese security researchers have admitted that they inadvertently released code that might be misused to exploit an unpatched Internet Explorer 7 vulnerability.

Scripts to pull off the trick were already on sale in underground forums before the inadvertent release. Even so, anything that increases the likelihood of digital delinquents getting their hands on the exploit is unwelcome.

VeriSign’s iDefense security division reports that attack code was up for sale at prices of up to $15,000 through underground forums. Prices are likely to slide following the escape of assault code from labs run by KnownSec.

2 responses so far

2 Responses to “Chinese research team KnowSec inadvertently releases IE7 exploit code”

  1. Addeon 12 Dec 2008 at 10:20 am

    Well, this is a bad news. IE is already prone to hacks, so if bad guys get their hands on it, then i think that it is going to cause a good amount of problem.

  2. cbrp1r8on 15 Dec 2008 at 7:31 am

    On all the good hacker sale sites, this was being bid on, this was up to about $15,000 up until these chinese guys “accidentally” released this exploit POC to the public. Once it got out, the price dropped out of the bucket, that’s when everyone knew the public code was available.