How do know you haven't already been compromised by a 0day? Seriously - how do you know?
On Wed, Oct 19, 2011 at 14:20, andy <[email protected]> wrote: > If you get compromised by the zero day attack and sensitive information is > obtained by the attacking party > > Then it is a reason to be concerned and probably important that you address > the situation and probably panic a little. > > > If you do not get compromised by the zero day attack > > Then it is not a big concern. > > ---- > > read at your own risk. > > =========================== > and relating to an earlier thread.... > ============================ > > If you are not running a virus scanner and your system gets infected, by a > trojan, worm, spyware, adware, malware, ransomware, scareware, pests, or any > other malware that is out there ...The it might be time to reevaluate your > decision on running a virus scanner. > > If you are not running a virus scanner and your system does not get infected > by anything, then obviously, you do not need to be running a virus scanner. > > > andy0 > > > > At 12:26 PM 10/19/2011, Erik Goldoff wrote: > > there's a point of reference here ... unless a zero day exploit is EXTREMELY > aggressive in propagating around the world ( and drawing even more attention > to its vector ) it will NOT be the most pervasive and therefore not the > largest cause of issues. Zero day exploits take time to propagate and by > the time they have opportunity to reach the same saturation rates as other > malware they are no longer zero day. > > Spin it how you like. And 72.4% of all statistics are made up on the spot. > > On Tue, Oct 18, 2011 at 3:23 PM, Michael B. Smith <[email protected]> > wrote: > I don't get it. Sorry, I don't. > > If (as the article says) only one-tenth of one percent of issues are caused > by zero-days; then that's not even a blip on the radar. > > That doesn't mean "don't be vigilant" and "don't have good processes and > procedures", at least not to me. It means that pursuing a well-rounded > defense in depth strategy is the proper course - as always. > > Regards, > > Michael B. Smith > Consultant and Exchange MVP > http://TheEssentialExchange.com > > > -----Original Message----- > From: Kurt Buff [ mailto:[email protected]] > Sent: Tuesday, October 18, 2011 3:19 PM > To: NT System Admin Issues > Subject: Re: Zero-day bugs overrated, Microsoft says > > From the article: > > "We're not saying don't worry about zero-days. But they need to be put > into context," said Jeff Jones, a director of security with > Microsoft's Trustworthy Computing group. "For the person who has > security as a day-to-day job, they need to worry about the things that > are most prevalent and most severe." > > Hmmm.... > > What is a zero-day except the most severe thing - caught, and not > merely with your knickers down, but effectively no knickers at all. > > Yes, patch - first, last and always - but the proliferation of > software diversity makes that very hard. > > Don't Panic? Well, that's only useful advice if you take it to mean > that you shouldn't start a full-bore linear run into whatever obstacle > is in your way. On the other hand, if your blood pressure isn't rising > to dangerous levels because of the situation, you probably don't know > what the hell is going on, or else your IT policy is hated by your end > users because they can't install their favorite malware magnets. > > Kurt > > On Tue, Oct 18, 2011 at 08:18, David Lum <[email protected]> wrote: >> Thoughts? >> >> http://www.computerworld.com/s/article/9220705/Zero_day_bugs_overrated_Microsoft_says?taxonomyId=85 >> >> David Lum >> Systems Engineer // NWEATM >> Office 503.548.5229 // Cell (voice/text) 503.267.9764 > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
