Replugge wrote: > The fact that exploit code is made available after the patch > is released, > is probably because the researchers > Made the vulnerability publicly available at same time as the > patch was > released, otherwise MS wouldnt give > Credit to the researchers for the vuln.
Not only that, but I have always suspected the reason for the close follow-up releasing exploits after patch release is because the value of the 0-day that had been used for whatever purposes the writer wanted was now null. At that point, her pride takes over and she releases her work for the world to see. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
