Just a few weeks ago, Internet Explorer 7 users experienced the newest zero day exploit, and Christian Louboutin
this one was far more serious than many seen in the past. Microsoft was good enough to release a patch for this concerning exploit a week after it was discovered, but it leaves many different kinds of computer users quite worried about the weaknesses in their own security systems. Even with the IE 7 zero day exploit, users were left with options, but before you explore exactly what those options were, it’s important to get a good grasp on zero day exploits as a whole.Zero Day Exploits – Understanding the ConceptIn short, a zero day exploit is an attack against a particular computer application. The entire point of a zero day exploit is to look at the weaknesses within a program and abuse them. In most cases, this is done with malevolent intent, but that’s not always the case. For example, sometimes security vendors will release zero day exploits so that they can gain an understanding of the holes in a program or a set of programs. Sometimes they even build holes into a program with the only goal of developing a knowledge base of how these kinds of scenarios work.In most cases, zero day exploits, though, aren’t harmless attempts at gaining an understanding by a security company. More often than not, they are malicious in nature, and it’s rare that either the vendor or program buyers know about these zero day exploits. They’re always released before the software is actually sold, and vendors have little idea that they’ll have to struggle to get a patch together on the day of release.Zero day exploits work with a variety of different triggers. For example, if the exploit is designed for a browser, as was the case with the Internet Explorer 7 zero day exploit, users could visit a given site or click on a particular link, and that causes the exploits to begin the cycle. In some cases, exploits are Christian Louboutin Flats
sent as an email attachment. Once the attachment is opened, the computer is at risk. File exploits like this do comprise the attacked system, but they also place confidential data at risk, and that’s the real concern with any zero day exploit. The biggest threat occurs between its own release and the software vendor’s patch release. The IE 7 Zero Day ExploitThe recent problem with IE 7 was just one of many in a cycle, and unfortunately, the root of this one is not malicious. Chinese security researchers caused the problem, and while its roots aren’t malicious, the effects of it are. If an attacker gains access to the system thanks to the exploit created by these researchers, they get the same rights as a local user might. The only real safety valve here was the fact that if administrators had better rights than users on any given computer accessed by an attacker, fewer problems might occur, but that was rarely the case. The problem began when, on Tuesday, December 9, Microsoft released an update for IE 7. If users visited a given site, they didn’t even have to click on anything within that site, a Trojan was installed, and that caused serious security risks for computers that allowed data to be stolen from each infected machine. Because almost 26% of computer users default to IE 7, Microsoft, and many computer owners, were quite concerned at the risk. The problem was made much worse by the fact that as soon as it was released, it began to develop its own variants. Security company after security company ranked it as the most serious zero day exploit they’d ever seen. Just days after the release, Microsoft reported "Our investigation so far has shown that these attacks are against Windows Internet Explorer 7 on supported editions of Windows XP Service Christian Louboutin Pumps
