This presentation introduces methods used by hackers/attackers to hunt vulnerabilities in Microsoft Windows products, such as Internet Explorer and the Windows operating system. These include reverse engineering, surfing the Web, and diffing Microsoft modules. The presentation also covers why these methods are innovative or significant, and includes an important tutorial. Attackers can use these methods to hunt for zero‐day exploits. Summary of the points we plan to cover: * Introduce past zero‐day exploits * Discuss how they were found * Why attackers hunt for zero‐days * How a programmer's bug is a hacker's treasure * Microsoft silently fixed vulnerabilities * Hunting zero‐days the easy way: DIFFING!