14 DAY TRIAL // The week of Windows Vista bugs is not anywhere close to what it has set up to be. And in all fairness, it is nothing at all. The week of Vista bugs was designed to appear as an independent security research product built to expose "new undisclosed vulnerabilities, flaws, exploitation techniques, with advanced technical details and zero-days, related to Microsoft Windows Vista." Following the initial announcement, the WOVB creator announced that it had been just a hoax. "I thought about a simple, quite funny, April fool," the author, identified as only JA, revealed.
WOVB was intended to fall under the category of one vulnerability a day hunt, a trend that was debuted by the Month Of Browser Bug launched by HD Moore. The media failed to pick up on it, and outlets remained silent for the most part. I was expecting Microsoft to confirm WOVB before I reported it, and the wait proved its worth. The Redmond Company failed to publicly confirm the validity of the week of Vista bugs. But even Microsoft bought it initially.
"The week of Vista vulns...wasn't. Turns out to be a hoax. A hoax with a stated purpose, but a hoax nonetheless. I'm sure however that at some point people will collect a number of vulns in Vista and try to do one of these "Week of" (a week? Aren't these things supposed to be "month of"?) things with Vista. If someone does, please be sure to send the vulns over to [email protected] to help us get them addressed," commented Microsoft's Stephen Toulouse, senior program manager for the Trustworthy Computing Group.
Still, both Microsoft and Symantec approached the original reports of WOVB as a valid project that would disclose genuine Windows Vista vulnerabilities.