vulnerabilities in snapshots?

Many programs need to be updated to avoid security vulnerabilities. As far as I understand these vulnerabilities can be exploited (in some cases) even if the program is not run anymore. E.g Java is constantly updated due to a number of issues (including many security issues) and as the old versions are not automatically removed, the advice is to remove these manually via add/remove.

I am wondering if any unpatched software in backup snapshots could "theoretically" be exploited? If I were to boot in these snapshots, of course I could update and patch whatever needs attention but what about those slumbering snapshots for the potential emergency?

 

if you are working in one snapshot I'm pretty sure that another snapshot that you are not using currently could not be exploited the way you described.

Thanks,

Chris

 

It would be good to keep external archives.

SourMilk out

 

external archives are a great feature but that's not the issue. I do keep a few easily accessible snapshots on my drive for immediate boot-up and if something stored in there could be exploited, then that would be an issue from a security point of view.