Patch Tuesday--let the attacks begin

TalkBack 21 of 55:: Next »; « Previous

Thread View
Flat View

Mentioned that alternative in the original post.: But the idea that malware writers wait until the day after patch issuance to escape a fix from Microsoft for a slightly longer period did not seem compelling to me.
Could be correct, just not immediately compelling.

An idea published in ZDNet previously is that malware writers study patches to find vulnerabilities, and then use the information to attack unpatched pc's.
That seemed more compelling to me.

Anyway, the problems with unrelated malware releases after patch include:
- AV companies identify and respond to a new outbreak before Microsoft could issue a patch, so concentrating on patching dates seems inefficient, and
- if the malware were issued a day, a week, even two weeks before the patch date and the vulnerability required effort to solve, the chances of hitting the scheduled patch date are low. And then the malware writer gets the advantage of the following full month.

If patch date were the main issue, malware writers would be trying to issue as much before a patch date as they felt they safely could.; Posted by: Anton Philidor Posted on: 07/26/06 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Patch Tuesday--let the attacks begin Loverock Davidson | 07/25/06

I call BS... Patrick Jones | 07/25/06

Heck, I open them just Hrothgar - PCLinuxOS User | 07/25/06

I don't Loverock Davidson | 07/26/06

Underestimated user stupidity superbus | 07/25/06

no, it's just overestimating user's intelligence... n michael_t | 07/25/06

I appreciate the reminder CTSTechs.com | 07/25/06

Those were the days... Zeppo9191 | 07/25/06

nomorems | 07/25/06

Barefoot, of course. swoopee | 07/26/06

hey... mypl8s4u2 | 07/26/06

Creating paranoia mypl8s4u2 | 07/26/06

Are the malware writers... Anton Philidor | 07/25/06

I think j.m.galvin | 07/25/06

Is that a third possibility? Anton Philidor | 07/25/06

Depends on the nature of the exploit NonZealot | 07/25/06

Maybe they reverse engineer the patch MacGeek2121 | 07/25/06

Perhaps, Hrothgar - PCLinuxOS User | 07/25/06

The security companies... Anton Philidor | 07/26/06

missed the point? GDF | 07/26/06

Mentioned that alternative in the original post. Anton Philidor | 07/26/06

MS Always behind in everything, except the icons ... wink

michael_t | 07/25/06

Articles in ZDNet... Anton Philidor | 07/25/06

ironically, creeps leverage MS's tools more than MS... wink

.. michael_t | 07/25/06

And you know this how? John Zern | 07/25/06

Fix old or new first? Anton Philidor | 07/26/06

yes, but.... mypl8s4u2 | 07/26/06

I told you mypl8s4u2 | 07/26/06

The problem isn't having a regular patching cycle. enduser_z | 07/25/06

Is an out-of-band patch really needed for these? PB_z | 07/25/06

Hey, I don't smoke! Reverend MacFellow | 07/25/06

Hey, neither do I! ccamp43276@... | 07/25/06

Sounds like a little professional work is needed .... houchens | 07/25/06

I like your prose... nomorems | 07/25/06

The solution ... Resuna | 07/25/06

Word/Exce/Powerpoint viewers? NonZealot | 07/25/06

or use linux galileon | 07/25/06

hash the mail Sam66 | 07/25/06

Yes, SSL or PGP/GPG signed email... MV_z | 07/26/06

patch the patches hilda4jc | 07/25/06

Must read for security professionals BillPStudios | 07/25/06

A tad xenophobic there, Bob ? Clockwork Computer | 07/25/06

Huh, did I read xenophobic? peeseebeeb@... | 07/25/06

Don't be silly Dr_Zinj | 07/26/06

What do you mean by "Industrial ... " jmusto@... | 07/25/06

Responsibility mcnuttja@... | 07/25/06

hacked jan133 | 07/25/06

patch for xp firewall jan133 | 07/25/06

Dont bother with XP firewall kokuryu | 07/26/06

We hate Microsoft! ruud@... | 07/26/06

Get a muff pistol Loranap1 | 07/26/06

Let's attack each other Boot_Agnostic | 07/26/06

Windows XP is now Patched! Dilberter | 07/26/06

The only real solution gdstark13 | 07/26/06

having to wait mypl8s4u2 | 07/26/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Enterprise Applications

Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!

New Online Dashboard

Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline

Read the original story

Patch Tuesday--let the attacks begin

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Enterprise Applications

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads