Web Hosting Security

  Home arrow Web Hosting Security arrow Zero Day Tracker Launches to Provide C...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING SECURITY

Zero Day Tracker Launches to Provide Comprehensive Updates on Vulnerabilities
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1
    2010-09-29

    Table of Contents:

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement
    Do you trust your software provider to reveal and remedy vulnerabilities in their software quickly? Do they do it quickly enough for you? Would you appreciate a service independent of your vendor that lets you find zero day vulnerabilities more quickly? Keep reading to learn Eeye Digital Security's response to this problem.

    A zero-day vulnerability is a hole or a weakness in software that has not yet been fixed or patched by the software's developers. These vulnerabilities are prime targets for hackers who choose to exploit them for their benefit. While most computer users have a tendency to rely on vendors such as Microsoft or Adobe for updated information on such vulnerabilities, they are not necessarily the speediest or most reliable sources due to a variety of factors. To provide the computing public with a new source of information regarding zero-day vulnerabilities, Eeye Digital Security launched a new website in the past few days known as the Zero Day Tracker.

    The Zero Day Tracker is a way for the public to view up-to-date lists of zero-day vulnerabilities that currently exist, as well as those that have been patched in the past. The Eeye website lists the vulnerabilities that have already been disclosed publicly, even if those disclosures did not come from the vendors themselves.  Each listing has detailed information, such as the severity of the hole, its potential impact, the software it affects, and how one can protect themselves until it gets patched.

    The necessity for the Zero Day Tracker site was explained by Eeye's chief technology officer and co-founder, Marc Maiffret. Maiffret explained that while a couple of companies such as Microsoft and Adobe do report their zero-day holes, the majority still do not, leaving the pubic uninformed and susceptible to attacks by hackers. With the Zero Day Tracker site, the public now has a “one-stop shop,” as he described it, for such information. The website's layout is such that visitors can easily find the most recent unpatched holes, as they are listed at the top.  Visitors can find details on patched zero-day holes by year, dating back to 2005.  As of right now, the site lists 21 unpatched holes, with the most recent appearing on September 17 of this year. The oldest unpatched hole is from November of 2005.

    There are other resources on the web that list zero-day vulnerabilities, although it has been said that they are harder to navigate. The Department of Homeland Security's National Vulnerability Database is the one that is most widely used.  Others include the US-CERT Vulnerability Notes Database, the Open Source Vulnerability Database, and the SecurityFocus Vulnerabilities Database.

    As for which companies dominate the zero-day listings, Microsoft is at the top, although Apple has not been exempt either. While there is an existing notion that Apple products are safer against attacks, Maiffret stated that it is not necessarily true. He stated that the enormous market for Windows users and the amount of systems running the software makes it a target more worthy of a hacker's time. If they can successfully affect Windows software, it will reach a wider audience.

    The creation of the Zero Day Tracker site was not only meant to help inform the public. It was also developed to put pressure on software vendors. According to Maiffret, the act of disclosing zero-day holes will cause vendors to take swift action to patch them to avoid negative publicity.

    To read more on this topic, visit http://news.cnet.com/8301-27080_3-20017356-245.html


    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou

    WEB HOSTING SECURITY ARTICLES

    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap