VUPEN is an anti-security company that roots out vulnerabilities in common operating systems and programs and sells these vulnerabilities to governments, police forces and others who want to use them to build malicious software to let them spy on people (we've written about them before). Now they claim to have found vulnerabilities in Windows 8 and Internet Explorer 10, and have put these up for sale to customers who want to use them to hijack other peoples' computers.
Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed) is ready for customers. Welcome #Windows8
— VUPEN Security (@VUPEN) October 30, 2012