In fact now continue to be exploited, especially through exploits pack, a large number of vulnerabilities that many have been settled more than two years ago.
However, when these vulnerabilities are of type 0-Day, the problem is power. Cases such as "Operation Aurora" which has recently been bandied about by exploiting a vulnerability in the type 0-Day Internet Explorer 6. Yes, you read that right ... Internet Explorer 6 and currently is being used to spread malware mass but only through version 6, but also on the 7 and 8.
The vulnerability is identified as CVE-2010-0249, and as was the case with the vulnerability exploited by the worm conficker (MS08-067) where automated creation, has recently met a builder that automates the creation of the exploit for Internet Explorer in an extremely simple question that is common in such applications.
On the other hand, exploits automation generates a gap, revealing that many operations "disguised" as part of campaign of distraction after simple attacks, are closely related to intelligence affairs.
Automatización en la creación de exploits
Process Automation anti-analysis II
Automating processes anti-analysis through of crimeware
Jorge Mieres Ver más