We can see a continued evolution of attacks and responses. Personally I do not believe that forcing a monthly patch cycle is a good idea, critical patches should be available sooner.

So perhaps we will come up with a response to this type of targetted attack, but then another way to circumvent implemented measures will be found.

Investing in training and better coding practices will continue to pay off.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/231/1093#1093