Your IT Support Experts - Homepage

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(703) 359-9211

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Macro Systems Blog

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Google Strengthens Zero-Day Exploit Research

b2ap3_thumbnail_google_research_400.jpgWith all of the zero-day exploits popping up lately, such as the GameOver Zeus malware and Heartbleed bug a few months ago, it only makes sense to step up research on how and why it occurs. Google is doing just that with its new research program, rightfully dubbed Project Zero.

Zero-day vulnerabilities are classified as vulnerabilities against which no vendor has released a patch, making them highly dangerous and easily exploitable. These vulnerabilities target both corporate and consumer users alike, and are generally able to avoid detection by the general public until the patch has been released. Zero-day attacks are mostly unexpected, and are often used in targeted attacks to execute malicious code.

Google might already have a bounty system in place for those who find exploits in their products, but this initiative takes things a step further. The idea behind Project Zero is to fund research for any popular software on which many people depend upon, and ways to limit the damage and exploitation of these programs in the event of a zero-day attack.

Additionally, Google has created an external database which will hold the research results. Rather than immediately let the public know about exploitations and vulnerabilities, Google waits until the problem becomes public or has been patched. This is presumably to prevent hackers from knowing about the flaw and exploiting it, and gives third-party developers a chance to patch it before causing a big fuss over nothing.

The interesting thing about this endeavor is that it is open to the general public, but it has not been explained how researchers can sign up for the project. Discussions concerning vulnerabilities and exploitations will be available to the general public post-patching, including how long it took the vendor to fix the problem (if it were fixed at all).

This is good news for those who praise Google's role in finding vulnerabilities in software. The search-engine giant has an impressive track record of research into Microsoft and Apple's software vulnerabilities, and they often credit Google for reporting vulnerabilities directly to them. Similar to Google, Microsoft also has a program for research, but unlike the "bug bounty" feature of Google's Project Zero, Microsoft doesn't reward those who notify them of product vulnerabilities.

If you are ever concerned about the status of your network's security, contact Macro Systems at 703-359-9211. We'll work with you to keep your systems up-to-date and as safe as can be from the latest security threats and vulnerabilities.

Old Mobile Devices Might Be Hurting Your Business’...
Alert: Google and Yahoo Doppelgangers Threaten the...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, December 22, 2024

Captcha Image

Customer Login


Contact Us

Learn more about what Macro Systems can do for your business.

(703) 359-9211

Macro Systems
3867 Plaza Drive
Fairfax, Virginia 22030