French IT security company Vupen has bragged on Twitter that it already has a Windows 8 exploit on offer. Apparently, the exploit combines several unpatched (0-day) security holes in the new version of Windows and the bundled Internet Explorer 10 browser to inject malicious code into systems via specially crafted web pages.
The exploit allegedly bypasses all of Windows 8‘s malware protection features: for example the Address Space Layout Randomization (ASLR) function that Microsoft has extended in the current edition of Windows to cover more system areas and offer improved randomization. Vupen claims that the exploit also bypasses the Data Execution Prevention (DEP) and ROP features as well as Internet Explorer’s sandbox-like Protected Mode.
A patch for the exploited holes may not become available in the foreseeable future: Vupen said that it discovered the vulnerabilities itself and doesn’t plan to disclose them to Microsoft. The company is only offering its exploit to its paying customers, among them government investigation authorities. Should Microsoft close the holes, the elaborate exploit would significantly decrease in value