System patching 0-days and ancient-day vulnerabilities



There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to ancient flaws that have been known (in some cases for years.) In his article, he does a search for one specific vulnerability and finds targets. Some of the comments speculate that some may be honeypots, but I would doubt that a high percentage are and suspect that most are the real deal.


I see zero-day ( 0-day ) exploits as a news tool to grab peoples attention and encourage them to patch EVERYTHING. Kind of like a virus that is on the television news encourages EVERYONE to make sure they’ve got up-to-date antivirus protection. Unfortunately to most people a pc is an appliance, like a toaster that either works or it doesn’t. If it works, then great – that’s what it’s for, if not, they either get it fixed or replace it. (That comes down to a cost decision.) Of course, with a toaster these days it’s replace…. People tend to treat software the same way. Updates aren’t typically thought of by MOST software users. (It’s working fine – why should I update?) This is why I think software vendors need to distinguish more clearly between feature and maintenance/security updates and consider more automated ways to implement maintenance/security updates.

   Send article as PDF   

Similar Posts