Again, we have a bunch of customers who are all "Vulnerable" (because all Windows machines are) who are also trying to find out if they are "at any risk whatsoever" from SSLMAGEDON. This is especially important because the patch has issues <http://aws.amazon.com/security/security-bulletins/ms14-066-advisory/> and so people have to do a complex triage calculus with it.
Right now we're in a situation where nobody knows how bad the bug really is going to be so while exploit writers are racing to get something working, noone is truly sure if they are exposed. Of course, the denial of service is a lot easier to trigger than full remote code execution. And yet you'll notice that many IIS-based web sites are still reachable! That means people are pretty nice in this world! A voice for hope. -dave
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
