|
|
|
|
|
|
by jpgvm
694 days ago
|
|
|
Microsofts products aren't full of security holes. If you have an 0day on fully patched Windows that is worth a pretty penny, which implies they aren't they easy to come by. They aren't worth quite as a much as an iOS 0day but they are by no means cheap. Of course if you think otherwise you can be making 7 figures per bug (assuming you are OK selling to brokers for the 3 letter agencies) so go dig some up? |
|
|
They are though, just look at Exchange[1] and what problems Microsoft itself has.[2] There is no such thing as a "secure Microsoft product". Microsoft is single-handedly responsible for making the IT world worse because they do not care and have a monopoly.
>If you have an 0day on fully patched Windows that is worth a pretty penny, which implies they aren't they easy to come by.
It's what the market pays for it, not what it's actually worth as you have already pointed out. Three-letter agencies buy these 0-days themselves for a big sum and support the black market so the prices go even higher because they have infinite money.
[1] https://en.wikipedia.org/wiki/2021_Microsoft_Exchange_Server...
[2] https://edition.cnn.com/2024/04/02/tech/us-government-micros...