Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers may cash in when XP is retired

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 27 Aug 2013 06:00:35 +0000 (UTC)
http://www.computerworld.com/s/article/9241833/Hackers_may_cash_in_when_XP_is_retired

By Gregg Keizer
Computerworld
August 26, 2013
Hackers could find themselves in the catbird seat on April 8, 2014 -- the day Microsoft plans to stop patching Windows XP. As security expert Jason Fossen sees it, those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves on unprotected PCs.
It's simply economics at work, said Fossen, a trainer for the SANS Institute since 1998.
"The average price on the black market for a Windows XP exploit is $50,000 to $150,000, a relatively low price that reflects Microsoft's response," said Fossen. When a new vulnerability -- dubbed a "zero-day" -- is detected, Microsoft investigates, pulls together a patch and releases it to XP users.
But the price will go up when Microsoft stops patching its aged operating system. 

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Previous By Date Next
Previous By Thread Next

Current thread: