Patches pose significant risk, researchers say
Robert Lemos, SecurityFocus 2008-04-23

A group of four computer scientists urged Microsoft to redesign the way it distributes patches, after they created a technique that automatically produces attack code by comparing the vulnerable and repaired versions of a program.

Comments
Patches pose significant risk, researchers say 2008-04-24
Anonymous (1 reply)
This research is good research, though I'm skeptical that the techniques are going to be generally applicable. Finding the exploitable function is usually the easy part. How to get the data there is the hard part. However, the credibility of the paper is called into question with the implication ...

Re: Patches pose significant risk, researchers say 2008-05-05
Anonymous
So from what I can understand of the issue it may be better to not patch at all than to patch and expose the flaw. ...

Huh 2008-04-24
Anonymous (7 replies)
"Microsoft found that a third of the flaws patched by the company were exploited either before or after the update was released."

I would think that 100% of exploits are exploited either before or after the patch....

Re: Huh 2008-04-24
Anonymous
Flaw != Exploit

Exploit = Doing bad things with flaw...

Re: Huh 2008-04-25
Anonymous
flaws != exploits... Most flaws are never exploited...

Re: Huh 2008-04-25
Anonymous
Some (or apparently, most) of them are discovered internally, or reported by security researchers. I definitely would've guessed higher than 1/3, though....

Re: Huh 2008-04-25
Anonymous
I think you are missing the obvious here..

Obviously the patch exploits the other two thirds at the time of release. ;)...

Re: Huh 2008-04-25
Anonymous
I think what the article meant to say is that a third of the flaws patched by Microsoft are actually exploited. I agree, the wording is a bit confusing......

Re: Huh 2008-04-25
Anonymous
I think they are saying that there are exploits for 1/3 of the vulnerabilities....

Re: Huh 2008-04-25
Robert Lemos
First, I will admit the wording is a bit strange, so it will be fixed.

However, there are three cases:

1) the flaw is exploited before the patch is released,

2) the flaw is exploited after the patch is released, and

3) the flaw is not exploited at all.

The original statement is just saying...

Patches pose significant risk, researchers say 2008-04-24
Anonymous
Researcher: "Hey. I can automatically discover vulnerabilities and generate exploits for them 5 seconds after I have the patch".

Joe Dude: "So what does that mean?"

Researcher: "This proves Windows Update is broken".

That's like saying "We've discovered that glass windows can be broken by r...

On the recommendations for Microsoft... 2008-04-25
Mohit
I am not sure these recommendations are a good idea...on my blog I explained why

http://securetheworld.blogspot.com/2008/04/should-microsoft-encryptobfuscate.html...

Patches pose significant risk, researchers say 2008-04-27
Anonymous
I guess this means unpatched vulnerabilities are safer?

There are many flaws that are not made public that are being exploited....

Found something new to blame Microsoft for? 2008-04-28
Gordon Fecyk
s/Microsoft/Red Hat, s/Microsoft/Apple, s/Microsoft/Ubuntu, s/Microsoft/Symantec... shall I go on?

You could do a search and replace with any software company's name, and succeed in writing a scathing article about them.

In fact......

Patches pose significant risk, researchers say 2008-05-01
Anonymous
researchers pose a significant risk too...

Copyright 2009, SecurityFocus