Information Security News mailing list archives
Hackers may cash in when XP is retired
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 27 Aug 2013 06:00:35 +0000 (UTC)
http://www.computerworld.com/s/article/9241833/Hackers_may_cash_in_when_XP_is_retired By Gregg Keizer Computerworld August 26, 2013Hackers could find themselves in the catbird seat on April 8, 2014 -- the day Microsoft plans to stop patching Windows XP. As security expert Jason Fossen sees it, those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves on unprotected PCs.
It's simply economics at work, said Fossen, a trainer for the SANS Institute since 1998.
"The average price on the black market for a Windows XP exploit is $50,000 to $150,000, a relatively low price that reflects Microsoft's response," said Fossen. When a new vulnerability -- dubbed a "zero-day" -- is detected, Microsoft investigates, pulls together a patch and releases it to XP users.
But the price will go up when Microsoft stops patching its aged operating system.
[...] -- Find the best InfoSec talent without breaking your recruiting budget! Post a Job, $99 for 31 days. Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Current thread:
- Hackers may cash in when XP is retired InfoSec News (Aug 26)