Friday, August 12, 2005

Microsoft's "monkeys" find first zero-day exploit

Robert Lemos writes in SecurityFocus:

Microsoft's experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month.

Known more formerly as the Strider Honeymonkey Exploit Detection System, the project uses automated Windows XP clients to surf questionable parts of the Web looking for sites that compromise the systems without any user interaction. In the latest experiments, Microsoft has identified 752 specific addresses owned by 287 Web sites that contain programs able to install themselves on a completely unpatched Windows XP system.

Honeymonkeys, a name coined by Microsoft, modify the concept of honeypots--computers that are placed online and monitored to detect attacks.

1 Comments:

At Fri Aug 12, 10:54:00 AM PDT, Anonymous Anonymous said...

So what is Microsoft doing with the information they have gathered? Have they taken any action to shutdown these sites or have they posted the addresses of this dangerous sites so people or ISP's can block them?

 

Post a Comment

<< Home