Hackers exploit Windows patches

Hackers exploit Windows patches
By Mark Ward
BBC News Online technology correspondent

Malicious hackers and vandals are lazy and wait for Microsoft to issue patches before they produce tools to work out how to exploit loopholes in Windows, say experts.




Exploits get written once patches appear
Instead of working it out for themselves, malicious hackers are reverse engineering the patches to better understand the vulnerabilities, said David Aucsmith, who is in charge of technology at Microsoft's security business and technology unit.

In a keynote speech to the E-Crime Congress organised by Britain's National Hi-Tech Crime Unit, Mr Aucsmith said the tools that hackers were producing were getting better and shrinking the time between patches being issued and exploits being widely known.

"We have never had vulnerabilities exploited before the patch was known," he said.

more......