MS05-039 exploits prove that pacthing "window" is getting shorter and shorter and...
Gergg Keizer writes in TechWeb News:
Although the initial attack on Windows 2000 PCs by bot worms exploiting a week-old vulnerability hasn't grabbed much traction, the way hackers jumped on the bug is proof that the patching "window" is virtually non-existent, said security experts Tuesday.
"The last week showed once more that there is no more patch window," wrote Johannes Ullrich, chief research officer at the SANS Internet Storm Center, in the group's daily alert. "Defense in depth is your only chance to survive the early release of malware."
Exploits were circulating within three days of Microsoft disclosing the Plug and Play vulnerability and offering up a patch, and within five days, several bot worms -- notably Zotob.a and Zotob.b -- were attacking systems.
0 Comments:
Post a Comment
<< Home