, SecurityFocus 2003-07-30
LAS VEGAS--Software security holes never die, they fade from the Internet at a rate of 50% every thirty days after a patch is released, according to the results of a study released at the Black Hat Briefings security conference here Wednesday.
Expand all |
Post comment
Panel Probes the Half-life of Bugs
2003-08-02
comp-secure (at) iservhost.com (dot) au [email concealed]
comp-secure (at) iservhost.com (dot) au [email concealed]
LSD *DID* alert Microsoft prior to releasing the details of the bug. They had exploit code but withheld it. *ANOTHER* group crafted the exploit code and released it.
It's *BECAUSE* LSD held back on publicly releasing the details of the bug that Microsoft was able to have a patch out when the release was made. Let's not chide on LSD for doing the right thing here.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/6568/21118#21118