Seven myths about zero day vulnerabilities debunked

MrBrian · Aug 3, 2010

http://www.zdnet.com/blog/security/seven-myths-about-zero-day-vulnerabilities-debunked/7026

Rmus · Aug 3, 2010

Thanks for posting!

This is one of the best summaries of the current scene I've seen.

To illustrate his contention that old patched vulnerabilities are still the most common: looking in the current exploit kits, almost all have the IE6 vulnerability from 2006, MS06-014 MDAC.

When Mebroot re-emerged last year, f-secure found this exploit at the top of the list in drive-by exploits as a means for installing the malware.

His reference to Conficker's success recalls Microsoft's chastizing in the media that the patch for that vulnerability had been available 2 months before Conficker emerged on the scene.

----
rich

Page42 · Aug 3, 2010

I don't know why, but I have nothing but trouble with that zdnet page.
Using IE8, tried to click the Print icon and could not print.
The page would go away and then IE would recover it.
It was just a mess when I tried printing.

elapsed · Aug 3, 2010

Good read, thanks!

Noob · Aug 3, 2010

Interestins

Log in or Sign up

Seven myths about zero day vulnerabilities debunked

MrBrian Registered Member

Rmus Exploit Analyst

Page42 Registered Member

Attached Files:

zdnet page.jpg

elapsed Registered Member

Noob Registered Member

Log in or Sign up

Seven myths about zero day vulnerabilities debunked

MrBrian Registered Member

Rmus Exploit Analyst

Page42 Registered Member

Attached Files:

zdnet page.jpg

elapsed Registered Member

Noob Registered Member

Useful Searches