Dec 11 2008
From the Register:
Chinese security researchers have admitted that they inadvertently released code that might be misused to exploit an unpatched Internet Explorer 7 vulnerability.
Scripts to pull off the trick were already on sale in underground forums before the inadvertent release. Even so, anything that increases the likelihood of digital delinquents getting their hands on the exploit is unwelcome.
VeriSign’s iDefense security division reports that attack code was up for sale at prices of up to $15,000 through underground forums. Prices are likely to slide following the escape of assault code from labs run by KnownSec.
2 Responses to “Chinese research team KnowSec inadvertently releases IE7 exploit code”