two
Volume 3, Number 42 -- December 6, 2006

eEye Launches Zero-Day Vulnerability Tracker

Published: December 6, 2006

by Alex Woodie

Worried about zero-day exploits? You probably should be, according to eEye Digital Security, a Southern California security researcher and security software developer. Yesterday, eEye unveiled a Web portal where anybody can go to check on the latest zero-day exploits and prepare strategies to counter them.

According to eEye's Zero-Day Tracker portal, which is available at research.eeye.com/html/alerts/zeroday/index.html, there are seven zero-day vulnerabilities that are currently active, including six in Microsoft products, and one in an Adobe product.

In addition to tabulating a list of the problems, eEye tells you how many days it's been since the flaw was first discovered, which is something it offered previously on its research portal as a way to keep pressure on vendors to fix the problems. In some cases, the vendors appear to be very tardy with fixes. For example, the RPC Memory Exhaustion vulnerability in Windows was first found more than 380 days ago, and still hasn't been patched. Luckily, it's classified as a low-risk vulnerability, but there are plenty of unpatched high-severity risks for hackers to choose from.

The rise of zero-day exploits instigated eEye to launch the Zero-Day Tracker, says Marc Maiffret, eEye's founder and CTO. "The increasing proliferation of zero-day vulnerabilities means the previous window of opportunity IT had to secure networks between the release of a software patch and an attack has been slammed shut," he says.

"More zero-day security vulnerabilities and attacks are being discovered every day and dealing with them can easily dominate an enterprise's IT efforts. As a result, we've been overwhelmed by requests from our customers to give them the information and time they need to protect their networks. Our Zero-Day Tracker is a direct response to this tremendous demand," he says.

Sponsored By
WOLF COMPUTER CONSULTING

Reliable service and affordable rates for all
of your business computing needs.

                                             * Network Design/Installation/Support
                                             * Network Printing/Digital Print Migration
                                             * Upgrades and Troubleshooting
                                             * Training
                                             * Graphic Design
                                             * Virus Removal
                                             * Consulting

Wolf is a Microsoft Certified Systems Engineer and
Microsoft Certified Systems Administrator.

Contact Wolf
Email: info@wolfconsult.net
Fax: 973-293-0100
Phone: 914-443-5534
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

Micro Focus:  Develop, extend and deploy applications with Server Express and Enterprise Server
OpenLogic:  Install, integrate, test, manage, and learn over 120 open source projects with BlueGlue
COMMON:  Join us at the Spring 2007 conference, April 29 - May 3, in Anaheim, California

 
THIS ISSUE SPONSORED BY:

Vision Solutions
World Data Products
MKS
Lakeview Technology
Wolf Computer Consulting



TABLE OF CONTENTS
Microsoft Completes the 'Triple Launch'

Dell Carves Out Energy-Efficient PowerEdge Server Line

Microsoft's Business Intelligence Plan for the Masses

AMD Creates Two-Socket Athlon FX Variant, Demos Quad-Core Opteron

But Wait, There's More:

Microsoft Unveils Expression Studio Design Tools . . . Sentillion Overhauls Remote Access Offering . . . Phishing, Zero-Days Top Symantec's Security List . . . eEye Launches Zero-Day Vulnerability Tracker . . . Gartner Predicts Half of Data Centers Will Run Out of Power by 2008 . . . Disk Array Sales Keep Revving in Q3, Says IDC . . .

The Windows Observer

BACK ISSUES

The Four Hundred
The System iWant, 2007 Edition

PwC Consultants Predict an IT Talent Shortage

Saving the System i: Fight Rather Than Switch

The X Factor: You Can't Steal What's Free, But You Can Pay a Lot for Something That Isn't Worth It

The Linux Beacon
Novell Previews Open Enterprise Server 2, Delays SLES 10 SP1

Hitachi Brings BladeSymphony Blade Servers to North America

AMD Creates Two-Socket Athlon FX Variant, Demos Quad-Core Opteron

As I See It: Behavioral Redlining

Big Iron
IBM's Last, Best Shot at the Big Iron Client

Top Mainframe Stories and Vendor Announcements

Chats, Webinars, Seminars, Shows, and Other Happenings

The Unix Guardian
Server Sales Perk Up a Little Bit in the Third Quarter

Cray, IBM Win Final Round of Giant DARPA HPCS Program

Sun Releases Java Under GPL Open Source License

As I See It: The Other "Tude"


 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement