Re: New article on SecurityFocus

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Thu Jan 05 2006 - 16:59:49 EST


> A few hundred million Windows XP machines lay vulnerable on the Web today,
> a
> week after a zero-day exploit was discovered. Meanwhile, new approaches
> and
> ideas from the academic world - that focus exclusively on children - may
> give us hope for the future after all.
>
> http://www.securityfocus.com/columnists/377

Sorry, but it's not going to happen. Yes, it is a serious vulnerability,
but there will be no Armageddon here. Comparing this to the RPC
vulnerability (which had worm potential) is specious.

Overall, I think community's coverage of wmf has been delivered with an
ounce of perception, and a pound of obscurity. It's almost as if people
*want* it to be worse than it is. I'm not surprised, of course. But
regardless, my call is that we'll see a little activity here and there, the
patch will come out, most will install it (or have it installed
automatically) and the whole issue will fade away. But that's all.

We'll know for sure shortly, either way.

t

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:19 EDT