Hackers may bank their Windows XP zero-day exploits and cash them in after Microsoft stops patching the aged operating system next April.
From Computerworld:
From Computerworld:
Hackers could find themselves in the catbird seat on April 8, 2014 -- the day Microsoft plans to stop patching Windows XP. As security expert Jason Fossen sees it, those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves on unprotected PCs.Hackers may cash in when XP is retired
It's simply economics at work, said Fossen, a trainer for the SANS Institute since 1998.
"The average price on the black market for a Windows XP exploit is $50,000 to $150,000, a relatively low price that reflects Microsoft's response," said Fossen. When a new vulnerability -- dubbed a "zero-day" -- is detected, Microsoft investigates, pulls together a patch and releases it to XP users.