Windows 8 zero-day exploit found?

[nsane.forums]

A security company called VUPEN claims to have found a zero day exploit in Windows 8 and Internet Explorer 10 and is selling that information to companies. Microsoft has no comment yet.

Has Windows 8 been broken just a few days after its launch? A French security company called VUPEN claims to have found such a zero-day exploit and is now selling that information to companies.

Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed) is ready for customers. Welcome #Windows8— VUPEN Security (@VUPEN) October 30, 2012

VUPEN says in a Twitter post that they have found a way around the security features for both Windows 8 and Internet Explorer 10. It is now selling that information to any companies or governments willing to pay lots of money to protect their Windows 8 systems.

VUPEN is a bit controversial in the computer security business in that it does not actually tell companies like Microsoft what kinds of exploits it has discovered. Microsoft has made much of the fact that Windows 8 uses the Unified Extensible Firmware Interface, or UEFI, to help better protect its newest PC OS.

In a statement, Microsoft says, "We saw the tweet, but further details have not been shared with us. We continue to encourage researchers to participate in Microsoft’s Coordinated Vulnerability Disclosure program to help ensure our customers’ protection.”

View: Original Article

[LiLmEgZ]

Haha wow... they want big money to protect systems... funny as hell... itll be patched eventually by MS once they are exactly aware of what the loophole/bug is capable of doing and what damages it can cause/produce on one's systems.

[digimon]

about time anyway with what 50 mill plus lines of code and being the most common os platform its impossable not to have zero day exploits