On last.fm: Taylor Swift photos and free music!
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 21 of 28:
Next »
« Previous
Let me give you an answer.
"Is it worse to have 4 exploits for 1 vulnerability or to have only
1 exploit?"

If your system isn't patched* It is much worse to have multiple
exploits, because, if your system isn't patched, you can only
avoid exploits if you can recognize them, so if they take a new
form, there's a chance that it may look like something the user
recognizes as valid, so the exploit will succeed. For example,
and exploit involving a PayPal account will immediately be
recognized as bogus by users who don't have PayPal accounts,
but one based on eBay might succeed i they happen to have an
eBay account.

_______
*There are many reasons why some systems go unpatched,
including lack of information, lack of time, patches that break
critical functionality, and vulnerabilities for which no patch has
been made available.
Posted by: Haterock Davidsfather   Posted on: 12/03/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

This is so common no one cares to comment anymore (NT)  too_much green_tea | 12/01/05
except..  Jeff Spicoli | 12/01/05
Then why...  Haterock Davidsfather | 12/01/05
Then why... do some people still not get it?  Jeff Spicoli | 12/01/05
Bravo , bravo !!!  I'm Ye, the MS SHILL . | 12/01/05
thankie Mr. Rooty  Jeff Spicoli | 12/01/05
Aw, c'mon. Be nice!  B.O.F.H. | 12/01/05
Out of curiosity  too_much green_tea | 12/01/05
Lemme fill you in  Jeff Spicoli | 12/01/05
it does have a flaccid ring to it, doesn't it?  Jeff Spicoli | 12/01/05
Nice...  toadlife | 12/01/05
That's funny  Jeff Spicoli | 12/01/05
Oh I'm sorry, I should have known.  toadlife | 12/01/05
no need for sensitivity  Jeff Spicoli | 12/02/05
happy  too_much green_tea | 12/01/05
That was cute, eh?  Jeff Spicoli | 12/01/05
Thursday  Len Rooney | 12/01/05
Thursday  Len Rooney | 12/01/05
Let me ask a question  NonZealot | 12/01/05
Just to nit pick here...  Cardinal_Bill | 12/01/05
Let me give you an answer.  Haterock Davidsfather | 12/03/05
Darn you zdnet geeks have been busy  Boot_Agnostic | 12/01/05
class of attack  ipfresh@... | 12/02/05
Complacency  whisperycat | 12/02/05
Wait...I'll take this one....  timoute | 12/02/05
Wait...I'll take this one....  timoute | 12/02/05
Ooopppss....  timoute | 12/02/05
Whatever...YAAAAWN!!!!  btljooz | 12/02/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here
advertisement

SmartPlanet

Click Here