Microsoft moves to triple hackers' exploit development costs

SEATTLE: Microsoft is looking to stop the use of software exploits to target businesses and consumers by increasing the upfront cost required to develop such attacks.

Trustworthy Computing security science development lead Jonathan Ness claimed that the company will make exploit-based attacks a thing of the past by increasing the cost required to discover, weaponise and exploit vulnerabilities.

"We're moving to remove the low hanging fruit for hackers," said Ness.

"We are doing this three ways; increasing the cost to discover and weaponise exploits and shortening how long the hacker can use them."

Ness highlighted investment in mitigation measures and discovery and patching technologies as key ways the company was achieving these three goals.

The TwC developer said that it was Microsoft's goal to triple the investment costs facing cyber criminals seeking to exploit software vulnerabilities.

"We want to make it so expensive to create a working exploit that the only way is to spend a year developing an exploit, so the script kiddies won't be able to exploit the fully patched software anymore," said Ness.

"Our vision is that we want working exploits to be as rare as crypto (encryption) breaks."

The news follows previous warnings that many businesses have once again become wary of automatic software updates. F-Secure's research chief Mikko Hypponen made the claim after it was revealed that the infamous Flame malware had successfully managed to mimic Microsoft's signature.