Seven myths about zero day vulnerabilities debunked

Discussion in 'other security issues & news' started by MrBrian, Aug 3, 2010.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Thanks for posting!

    This is one of the best summaries of the current scene I've seen.

    To illustrate his contention that old patched vulnerabilities are still the most common: looking in the current exploit kits, almost all have the IE6 vulnerability from 2006, MS06-014 MDAC.

    When Mebroot re-emerged last year, f-secure found this exploit at the top of the list in drive-by exploits as a means for installing the malware.

    His reference to Conficker's success recalls Microsoft's chastizing in the media that the patch for that vulnerability had been available 2 months before Conficker emerged on the scene.

    ----
    rich
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    I don't know why, but I have nothing but trouble with that zdnet page.
    Using IE8, tried to click the Print icon and could not print.
    The page would go away and then IE would recover it.
    It was just a mess when I tried printing.
    :doubt:
     

    Attached Files:

    Last edited: Aug 3, 2010
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Good read, thanks!
     
  5. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Interestins :cool:
     
Loading...
Thread Status:
Not open for further replies.