On CBS MoneyWatch: Report: Tiger to Pay Wife $60 Million
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 29 of 55:
Next »
« Previous
The problem isn't having a regular patching cycle.
Much is being made of "Patch Tuesday", but as I see it the problem isn't bundling up all of the "standard" patches for release once a month, but instead:

1) Failing to patch a known issue (not currently being exploited) in a timely manner. To the extent that MS is guilty of this, I don't think the extra two weeks (on average) that a monthly patch cycle introduces is the real problem.

2) MS's reluctance to issue an off cycle patch for zero day exploits or serious vulnerabilities for which proof of concept code exists.

The Blog doesn't come out and say this, but I think item 2 is what he is really talking about. Waiting until the day after the monthly patches are released only gives the black hats an advantage if they can predict that MS won't issue an off cycle patch. This is of course the same point George Ou made in a separate blog very recently.
Posted by: enduser_z   Posted on: 07/25/06 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Patch Tuesday--let the attacks begin  Loverock Davidson | 07/25/06
I call BS...  Patrick Jones | 07/25/06
Heck, I open them just  Hrothgar - PCLinuxOS User | 07/25/06
I don't  Loverock Davidson | 07/26/06
Underestimated user stupidity  superbus | 07/25/06
no, it's just overestimating user's intelligence... n  michael_t | 07/25/06
I appreciate the reminder  CTSTechs.com | 07/25/06
Those were the days...  Zeppo9191 | 07/25/06
wink  nomorems | 07/25/06
Barefoot, of course.  swoopee | 07/26/06
hey...  mypl8s4u2 | 07/26/06
Creating paranoia  mypl8s4u2 | 07/26/06
Are the malware writers...  Anton Philidor | 07/25/06
I think  j.m.galvin | 07/25/06
Is that a third possibility?  Anton Philidor | 07/25/06
Depends on the nature of the exploit  NonZealot | 07/25/06
Maybe they reverse engineer the patch  MacGeek2121 | 07/25/06
Perhaps,  Hrothgar - PCLinuxOS User | 07/25/06
The security companies...  Anton Philidor | 07/26/06
missed the point?  GDF | 07/26/06
Mentioned that alternative in the original post.  Anton Philidor | 07/26/06
MS Always behind in everything, except the icons ... wink  michael_t | 07/25/06
Articles in ZDNet...  Anton Philidor | 07/25/06
ironically, creeps leverage MS's tools more than MS... wink ..  michael_t | 07/25/06
And you know this how?  John Zern | 07/25/06
Fix old or new first?  Anton Philidor | 07/26/06
yes, but....  mypl8s4u2 | 07/26/06
I told you  mypl8s4u2 | 07/26/06
The problem isn't having a regular patching cycle.  enduser_z | 07/25/06
Is an out-of-band patch really needed for these?  PB_z | 07/25/06
Hey, I don't smoke!  Reverend MacFellow | 07/25/06
Hey, neither do I!  ccamp43276@... | 07/25/06
Sounds like a little professional work is needed ....  houchens | 07/25/06
I like your prose...  nomorems | 07/25/06
The solution ...  Resuna | 07/25/06
Word/Exce/Powerpoint viewers?  NonZealot | 07/25/06
or use linux  galileon | 07/25/06
hash the mail  Sam66 | 07/25/06
Yes, SSL or PGP/GPG signed email...  MV_z | 07/26/06
patch the patches  hilda4jc | 07/25/06
Must read for security professionals  BillPStudios | 07/25/06
A tad xenophobic there, Bob ?  Clockwork Computer | 07/25/06
Huh, did I read xenophobic?  peeseebeeb@... | 07/25/06
Don't be silly  Dr_Zinj | 07/26/06
What do you mean by "Industrial ... "  jmusto@... | 07/25/06
Responsibility  mcnuttja@... | 07/25/06
hacked  jan133 | 07/25/06
patch for xp firewall  jan133 | 07/25/06
Dont bother with XP firewall  kokuryu | 07/26/06
We hate Microsoft!  ruud@... | 07/26/06
Get a muff pistol  Loranap1 | 07/26/06
Let's attack each other  Boot_Agnostic | 07/26/06
Windows XP is now Patched!  Dilberter | 07/26/06
The only real solution  gdstark13 | 07/26/06
having to wait  mypl8s4u2 | 07/26/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

SmartPlanet

Click Here