
Windows Task Scheduler Zero Day Exploited by Malware - rbanffy
https://www.bleepingcomputer.com/news/security/windows-task-scheduler-zero-day-exploited-by-malware/
======
FLUX-YOU
>Malware developers have started to use the zero-day exploit for Task
Scheduler component in Windows, two days after proof-of-concept code for the
vulnerability appeared online.

That's not a zero-day.

It literally stops being a zero-day after the initial day.

~~~
_wmd
I don't know what communities you hang around, but there has never been some
strict definition of 0day in infosec. 0day colloquially applies to anything
circulating that didn't follow reasonable vendor disclosure, as was the case
here.

~~~
TeMPOraL
What? First time I hear of it. Not infosec, and yet I was under the impression
_for years_ now that in colloquial usage, "0day" means "exploited before the
problem was known publicly". It stops being a 0day after any info about it
hits the press/social media.

~~~
Covzire
Once a zero-day, always a zero-day IMO.

~~~
op00to
What is it called the day after you are aware of it? Zero day still? That
makes no sense.

~~~
Doxin
It makes sense if you think of the identifier "zero day" as a sort of
birth-identity.

As far as I'm aware 0day refers to having zero days of notice to fix the bug.
That doesn't change the day after it comes out, it's still zero days of
notice.

------
AgentK20
Previous discussion about the exploit when it was first tweeted:
[https://news.ycombinator.com/item?id=17859589](https://news.ycombinator.com/item?id=17859589)

------
jtr_47
Interesting, with all of the money that Microsoft has, why can't they fix
these backdoors and exploits? For many years now, MS Windows has been the
"most" exploited OS in our history.

Maybe they're under an NDA with our USA government, thus allowing all these
issues to exist.

I know they can fix these issues. They have the manpower and money to do so.

The community should start pressuring them to fix their OS and plug those back
door holes and exploits.

Peace

~~~
benaadams
> MS Windows has been the "most" exploited OS in our history.

Doesn't look that way

Top 50 Products By Total Number Of "Distinct" Vulnerabilities
[https://www.cvedetails.com/top-50-products.php](https://www.cvedetails.com/top-50-products.php)

    
    
       #  Vulns  Product              Vendor     Type
       1  2124   Linux Kernel         Linux      OS
       2  2084   Mac Os X             Apple      OS
       3  1924   Android              Google     OS
       4  1741   Firefox              Mozilla    App
       5  1664   Debian Linux         Debian     OS
       6  1546   Chrome               Google     App
       7  1495   Iphone Os            Apple      OS
       8  1123   Ubuntu Linux         Canonical  OS
       9  1103   Windows Server 2008  Microsoft  OS
      10  1057   Flash Player         Adobe      App
      11   984   Safari               Apple      App
      12   961   Windows 7            Microsoft  OS
      13   951   Internet Explorer    Microsoft  App
      14   951   Acrobat              Adobe      App
      15   856   Thunderbird          Mozilla    App
      16   818   Windows Vista        Microsoft  OS
      17   784   Opensuse             Novell     OS
      18   731   Windows Server 2012  Microsoft  OS
      19   731   Windows Xp           Microsoft  OS
      20   698   Seamonkey            Mozilla    App
      21   685   Acrobat Reader       Adobe      App
      22   665   Windows 8.1          Microsoft  OS
      23   641   Mac Os X Server      Apple      OS
      24   636   Windows 10           Microsoft  OS

~~~
craftyguy
That list inconsistently splits some things by version (Windows), and groups
others (Debian, Android, etc).

What it says is that a _single_ version of Windows had more than half as many
CVEs as the entire Linux kernel has ever had. That doesn't exactly support
what you are trying to convey. If you add up all Windows versions, it would
top the list.

~~~
benaadams
That's because the vulns are repeated across the Windows versions; adding the
versions together counts the same vuln multiple times.

~~~
justwalt
I’m not sure if it’s worse to have the same vulnerability across two versions,
or to have two distinct vulnerabilities.

~~~
craftyguy
It's almost like saying "vulnerabilities in our code exist for decades before
they are noticed by anyone (with a whitehat)".

Sure, that happens in open source projects too (OpenSSL anyone?), but it seems
like an exception rather than a rule. If there are so many of these
multiple-version vulnerabilities in Windows that the author of the list had to
specifically break Windows into individual versions, then that speaks for
itself.

