The time between a vulnerabilities announcement, and the release of code that exploits it, has gone down dramatically. It was around 4 months until recently. Then you look at all the stuff leveraging the RPC hole and it took less than two weeks. Crazy.
Once upon a time we would wait 4 or 6 months after the release of a patch to make sure it was stable. That's not going to be an option anymore. Tim -----Original Message----- From: Larry C. Lyons [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 11:12 AM To: CF-Community Subject: Re: Latest From M$ I say around a week. larry At 09:22 AM 9/4/2003 -0500, you wrote: >I give it 2 weeks. >-d > >----- Original Message ----- >From: "Larry C. Lyons" <[EMAIL PROTECTED]> >To: "CF-Community" <[EMAIL PROTECTED]> >Sent: Thursday, September 04, 2003 9:11 AM >Subject: RE: Latest From M$ > > > > At 10:01 AM 9/4/2003 -0400, you wrote: > > >It's been a rough month and it doesn't seem like it's going to ease up > > >anytime soon :( > > > > > >Tim > > > > So any bets on how soon a new worm or trojan using this exploit will be > > making the rounds? > > > > larry > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:5 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
