Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zero-Day Team Launches with Emergency IE Patch

Posted by ryuzaki0 on from the heroes-of-the-buggy dept.

Holy Mother of Thor writes to mention an eWeek article about a third-party patch for Internet Explorer. A dark horse security group formed after the WMF attacks in late 2005, the ZERT (Zero Day Emergency Response Team) has released a patch to attempt to slow the malware attacks on Windows. From the article: "'It is clear that we are dealing with an underground group of people who are writing exploits for profits. They are waiting for Patch Tuesday to pass, then it becomes Exploit Wednesday. We're seeing these zero-days in the wild, timed precisely to guarantee at least an entire month to spread,' Stewart said in an interview with eWEEK. Stewart, who is volunteering his reverse-engineering skills and time to ZERT in his private capacity, wrote an early version of the VML (Vector Markup Language) patch the group released Sept. 22 and worked closely with others to fine-tune the update to minimize potential glitches."

5 of 157 comments (clear)

  1. AUGH! STOP SAYING ATTACKS! by Anonymous Coward · · Score: 0, Funny

    Attacking the attacks on attacks by attackers who attack with attacks!?

  2. Poor Stew. by twitter · · Score: 4, Funny

    Stewart said in an interview with eWEEK. Stewart, who is volunteering his reverse-engineering skills and time to ZERT in his private capacity, wrote an early version of the VML (Vector Markup Language) patch the group released Sept. 22 and worked closely with others to fine-tune the update to minimize potential glitches."

    Very noble of him to volunteer, but we all know what happens in the movies to the character who mistakenly sacrifices themselves to defend the bad guy. At this moment, chairs are flying and the heavy weights at M$ are screaming things like, "This guy is making us look bad! Steve smash!" A much cooler arch villain grins a maniacally at his underling and contemplates co-opting as much of the work as possible before dropping both of them into a pool of red hot magma.

    What will the real world fate be for poor Stew? DMCA suit? C&D for trade secret or patent infringement? Who knows! But none of it will really make windoze a place that's safe for your work.

    --

    Friends don't help friends install M$ junk.

    1. Re:Poor Stew. by uufnord · · Score: 3, Funny
      I want to point this out:

      Other volunteers involved with the ZERT initiative include
      * Halvar Flake, CEO and head of research at Sabre Security;
      * Ilfak Guilfanov, author of the IDA Pro binary analysis tool;
      * Paul Vixie, founder of the ISC (Internet Software Consortium);
      * Roger Thompson, chief technology officer of Exploit Prevention Labs;
      * Florian Weimer, a German computer expert specializing in Linux and DNS (Domain Name System) security..

      These guys are top-notch. I can't give enough praise to show my support for what they're doing. When all the government bullshit artists were finger pointing, when all the CERTs of the world were waiting for a vendor fix, when Microsoft was sitting on it's hands doing nothing, these guys were working hard to build useful tools. Hackers and crackers on both sides of the fence have benefitted from the work these guys have done. If you don't know who these guys are, google them, because they're all good people, hard workers, and brilliant minds.

      ... except for Roger Thompson.

  3. Re:Spyware Thursday by Anonymous Coward · · Score: 1, Funny

    Useless posts yeah, they just rock.

  4. The patch can be downloaded..... by 8127972 · · Score: 3, Funny

    .... from any of the following links:

    www.getfirefox.com
    www.opera.com

    --
    This is my opinion. To make sure you don't steal it, it's covered by the DMCA.