Is it OK to publish PoC exploits for vulnerabilities and patches? (Security News, May 2021)
In the wake of the Microsoft Exchange ProxyLogon zero-day and the F5 BIG-IP exploits earlier this year, many are questioning whether, and when, researchers should publish proof-of-concept (PoC) exploits for vulnerabilities and the patches that fix them.
While publishing PoC exploits for patched vulnerabilities is common practice, the ProxyLogon PoC came with an increased risk: threat actors could use it against the thousands of Exchange servers that had not yet been patched.
On the one hand, publishing PoC exploits helps researchers understand the attack so they can build better protections and detections.
What was the risk to the global community when the PoC was published? A week after the patch was released and the PoC was published, perhaps half of vulnerable global servers still weren't protected.
Clearly the timing of the published PoC played a role in the global havoc.
The line should be drawn at publishing details of reverse-engineered patches; at creating, forking and improving fully functional exploit scripts; and at handing fully working PoC scripts to the world - including threat actors - before patches can be fully rolled out.
News URL: http://feedproxy.google.com/~r/HelpNetSecurity/~3/em0uepXrB6w/