Cyber criminals will bank their Windows XP zero-day vulnerabilities until after Microsoft stops patching the aged operating system next April, a security expert argued today.
From Computerworld:
From Computerworld:
Jason Fossen, a trainer for SANS since 1998 and an expert on Microsoft security, said it's simply economics at work.XP's retirement will be hacker heaven
"The average price on the black market for a Windows XP exploit is $50,000 to $150,000, a relatively low price that reflects Microsoft's response," said Fossen. When a new vulnerability -- dubbed a "zero-day" -- is spotted in the wild, Microsoft investigates, pulls together a patch and releases it to XP users.