Patches pose significant risk, researchers say
Robert Lemos, SecurityFocus 2008-04-23

A group of four computer scientists urged Microsoft to redesign the way it distributes patches, after they created a technique that automatically produces attack code by comparing the vulnerable and repaired versions of a program.

Huh 2008-04-24
Anonymous (7 replies)
Re: Huh 2008-04-24
Anonymous
Re: Huh 2008-04-25
Anonymous
Re: Huh 2008-04-25
Anonymous
Re: Huh 2008-04-25
Anonymous
Re: Huh 2008-04-25
Anonymous
Re: Huh 2008-04-25
Anonymous
Re: Huh 2008-04-25
Robert Lemos
Patches pose significant risk, researchers say 2008-04-24
Anonymous
Researcher: "Hey. I can automatically discover vulnerabilities and generate exploits for them 5 seconds after I have the patch".

Joe Dude: "So what does that mean?"

Researcher: "This proves Windows Update is broken".

That's like saying "We've discovered that glass windows can be broken by rock-wielding thieves. We therefore conclude that 911 calls aren't processed fast enough".

Talk about a non-sequitur. Let's focus on protection mechanisms and not response mechanisms, shall we? Response mechanisms are vital, but should not be given greater priority than protection.








 

Copyright 2009, SecurityFocus