back to article Chinese researchers inadvertently release IE7 exploit code

Chinese security researchers have admitted that they inadvertently released code that might be misused to exploit an unpatched Internet Explorer 7 vulnerability. Scripts to pull off the trick were already on sale in underground forums before the inadvertent release. Even so, anything that increases the likelihood of digital …


This topic is closed for new posts.
  1. Anonymous Coward

    It was that gave it away for me.

    The ISC handlers' diary includes a screenshot of the exploit code:

    that, although mildly obfuscated, contains all the search terms anyone needs

    to seek out a copy of the exploit itself:

  2. yeah, right.


    Yet this freetard commentard notes that the Microserftards continue to claim that the Mactards, Linuxtards and Unixtards are only spared because of market share rather than fundamental differences in their security models. As in, Microserftards don't have one.

    I also note, following Orlowski's latest uncommentable diatribe, that the editards and some journotards of the Reg continue to think that putting 'tard after words is oh so funny or descriptive. Rather than realizing that many of us readertards consider it to be really childish, intelligence insulting, and quite retarded.

    If you thought the above was funny, I guess you're a target market for the direction El Reg is going in.

  3. Jodo Kast

    @yeah, right

    I was waiting for you to correct the way they speak in London.

    They don't speak like that in America, yet it's funny how many people seek to 'correct' their grammar.

    They just don't get it, Scott.

    They should read the Japanese posts and correct their grammar. Now *that's a challenge!

  4. TeeCee Gold badge

    Not necessarily a bad thing.

    They should do this more often.

    If an exploit is already available underground for 15k a pop and someone gives it away for free, who gets hurt........?

    It might be a sensible change of tactic to make a point of reverse-engineering and releasing FOSS versions of existing exploit packages and take the profit motivation out of the coding side of the business altogether.

  5. The Fuzzy Wotnot


    Yes we believe you. Of course it was an accident!

  6. Anonymous Coward


    There is already a massive community dedicated to the development and understanding of exploits and sharing them in an open and full-disclosure manner; see milw0rm or metasploit for more information. (A couple of years ago I would have suggested regularly reading the full-disclosure list, but it's got a lamentably low SNR these days; still comes out with some gems now and again though.)

  7. Eduard Coli
    Thumb Down

    Money for nothin and chicks for free

    Researchers need Porsches too.

    I'm sure that incident with the Rosenbergs was just an accident too.

  8. Anonymous Coward

    Mandarin is not writing

    You don't write in Mandarin. You speak it. Chinese script is comprehended by all readers, regardless of their dialect. Properly it is Chinese, or Hanzi.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019