[Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

[n3td3v]

There is no evidence of 0day in the wild for the upcoming patches and
Microsoft have released no information to suggest so.

On Fri, Nov 7, 2008 at 4:18 PM,  <Valdis.Kletnieks at vt.edu> wrote:
> 2) There's a very high chance that at least some percent of the black-hat
> community is sitting on a 0-day exploit for these, that they've been using
> for directed attacks under the radar (and in fact, a good chance that the
> bulletin was issued because somebody's attack *didn't* go under the radar,
> and that's how the white hats got a copy of the exploit).  This bulletin
> is a heads-up to those black hats that their 0-day is going to be dropping
> in value a lot starting Tuesday - so it's "smoke em if you got em" time.
>
> For bonus points - compute what percent of advisories released next week
> that *claim* to be reverse-engineering of the binary diff are actually
> drops of 0-days that just became useless... ;)