If you get compromised by the zero day attack and sensitive information is obtained by the attacking party
Then it is a reason to be concerned and probably important that you address the situation and probably panic a little. If you do not get compromised by the zero day attack Then it is not a big concern. ---- read at your own risk. =========================== and relating to an earlier thread.... ============================ If you are not running a virus scanner and your system gets infected, by a trojan, worm, spyware, adware, malware, ransomware, scareware, pests, or any other malware that is out there ...The it might be time to reevaluate your decision on running a virus scanner. If you are not running a virus scanner and your system does not get infected by anything, then obviously, you do not need to be running a virus scanner. andy0 At 12:26 PM 10/19/2011, Erik Goldoff wrote: >there's a point of reference here ... unless a zero day exploit is >EXTREMELY aggressive in propagating around the world ( and drawing >even more attention to its vector ) it will NOT be the most >pervasive and therefore not the largest cause of issues. Zero day >exploits take time to propagate and by the time they have >opportunity to reach the same saturation rates as other malware they >are no longer zero day. > >Spin it how you like. And 72.4% of all statistics are made up on the spot. > >On Tue, Oct 18, 2011 at 3:23 PM, Michael B. Smith ><<mailto:[email protected]>[email protected]> wrote: >I don't get it. Sorry, I don't. > >If (as the article says) only one-tenth of one percent of issues are >caused by zero-days; then that's not even a blip on the radar. > >That doesn't mean "don't be vigilant" and "don't have good processes >and procedures", at least not to me. It means that pursuing a >well-rounded defense in depth strategy is the proper course - as always. > >Regards, > >Michael B. Smith >Consultant and Exchange MVP ><http://theessentialexchange.com/>http://TheEssentialExchange.com > > >-----Original Message----- >From: Kurt Buff [mailto:[email protected]] >Sent: Tuesday, October 18, 2011 3:19 PM >To: NT System Admin Issues >Subject: Re: Zero-day bugs overrated, Microsoft says > > From the article: > >"We're not saying don't worry about zero-days. But they need to be put >into context," said Jeff Jones, a director of security with >Microsoft's Trustworthy Computing group. "For the person who has >security as a day-to-day job, they need to worry about the things that >are most prevalent and most severe." > >Hmmm.... > >What is a zero-day except the most severe thing - caught, and not >merely with your knickers down, but effectively no knickers at all. > >Yes, patch - first, last and always - but the proliferation of >software diversity makes that very hard. > >Don't Panic? Well, that's only useful advice if you take it to mean >that you shouldn't start a full-bore linear run into whatever obstacle >is in your way. On the other hand, if your blood pressure isn't rising >to dangerous levels because of the situation, you probably don't know >what the hell is going on, or else your IT policy is hated by your end >users because they can't install their favorite malware magnets. > >Kurt > >On Tue, Oct 18, 2011 at 08:18, David Lum ><<mailto:[email protected]>[email protected]> wrote: > > Thoughts? > > > <http://www.computerworld.com/s/article/9220705/Zero_day_bugs_overrated_Microsoft_says?taxonomyId=85>http://www.computerworld.com/s/article/9220705/Zero_day_bugs_overrated_Microsoft_says?taxonomyId=85 > > > > David Lum > > Systems Engineer // NWEATM > > Office <tel:503.548.5229>503.548.5229 // Cell (voice/text) > <tel:503.267.9764>503.267.9764 > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >~ ><<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > >~ > >--- >To manage subscriptions click here: ><http://lyris.sunbelt-software.com/read/my_forums/>http://lyris.sunbelt-software.com/read/my_forums/ >or send an email to ><mailto:[email protected]>[email protected] >with the body: unsubscribe ntsysadmin > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >~ ><<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > >~ > >--- >To manage subscriptions click here: ><http://lyris.sunbelt-software.com/read/my_forums/>http://lyris.sunbelt-software.com/read/my_forums/ >or send an email to ><mailto:[email protected]>[email protected] >with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
