First There Were Zero-day Vulnerabilities. Now They are Five Days.

It used to be M$ would announce a bunch of vulnerabilities once a month and the malware artists would get a standing start to sabotage the world’s IT. Today the clock is ticking on four vulnerabilities announced four days before Patch Tuesday. That means the bad guys have a five-day headstart on most folks using that other OS. Time to quit that. I suggest using Debian GNU/Linux. It works for you not the bad guys. I remember when my employer used that other OS and I had to update systems currently in use all over the building… Of course M$ announced the vulnerabilities in the middle of our work day so I had to wait hours until folks had gone home for dinner to unleash the hounds, updating 7 servers and 100 clients. This week I would be losing sleep on day 0-Friday, day 1-Saturday, day 2-Sunday, day 3-Monday, day 4-Tuesday and into day 5-Wednesday to hunt down the reluctant updaters… I am glad I am not on the job in an M$ shop this week.

UPDATE Here’s what SANS thinks of the vulnerabilities. Several that M$ thinks are “important” are classed as “critical” by SANS, things like remote code execution in your word-processor.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

This entry was posted in technology. Bookmark the permalink.

2 Responses to First There Were Zero-day Vulnerabilities. Now They are Five Days.

  1. oiaohm says:

    Ivan define fix. Inside the first 12 hours a operational hack around the issue existed for the most recent apache bug.

    Lot of MS secuirty patches are in the same class just blocking access to defective part. Repair to defective part comes latter.

    Proper complete fix took a few weeks. But you did not have to be exposed that long.

  2. Ivan says:

    So how long did it take the Apache Foundation to fix that last DoS?

Leave a Reply

Your email address will not be published. Required fields are marked *