Wednesday, September 26, 2007

And another 0-day ITW

Hi folks,

Today we have found yet another 0-day ITW. ITW stands for In The Wild, and means that the exploit has been found alive on a website, and actually trying to install real malware, as opposed to ITZ. ITZ stands for In The Zoo, and refers to those exploits which are proofs of concept only, and which are not actually in use.

Anyway, today we found another one.

It's another activex buffer overflow in a Chinese product called Baofeng Storm. NIST has a write-up here...

We're not really sure what that is, because the website is in Chinese only, and that makes it a bit hard to read for those of us who only speak English. :-) The good news is that this probably means it is unlikely to be on too many computers outside China.

The bad news is that this seems to have only been announced in the middle of Septmeber, so it again shows that the Bad Guys are being really vigilant.

Naturally, we detect it anyway. :-)





Post a Comment

<< Home