Abstract | ||
---|---|---|
Zero-Day vulnerabilities are an intriguing and ever increasing problem. Microsoft has been one of the more exploited companies having Zero-Day vulnerabilities. This paper intends to identify some relationships within the Zero-Day vulnerabilities identified in nineteen news articles from 2010. We tried to collect data on vulnerability report date, attack report date, vulnerability patch date, vulnerability life cycle category, exploit implemented, Microsoft product affected, and affected functionality. Based on these data, we analyzed the duration between vulnerability notification date and attack date, the distribution of different vulnerability life cycle categories, the most common Microsoft product affected, and the most common exploitation technique used. Our data shows that Potential for Attacks is the most common vulnerability life cycle category, Windows XP SP3 is the most affected system, and the most common exploitation technique is by using malicious code without user input. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1145/2016039.2016131 | ACM Southeast Regional Conference 2005 |
Keywords | Field | DocType |
recent microsoft zero-day vulnerability,vulnerability notification date,common vulnerability life cycle,attack date,different vulnerability life cycle,zero-day vulnerability,vulnerability life cycle category,vulnerability patch date,attack report date,common exploitation technique,vulnerability report date,zero day attacks,life cycle,white hat hacker | World Wide Web,Vulnerability (computing),Computer science,Computer security,White hat,Exploit,Vulnerability management,Zero-day attack,Vulnerability | Conference |
Citations | PageRank | References |
0 | 0.34 | 1 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Nathaniel Evans | 1 | 0 | 0.34 |
Xiaohong Yuan | 2 | 169 | 26.72 |