Oct
23
2008
Caught your eye on that one. It seems there is a new vulnerability/exploit out there that MSFT so “bad” that they have resleased an out of band patch. How bad is it, well let’s just say you should patch all your windows system ASAP. I am not going to analyze this patch again, as many others have done so already.
Just 2 words for you – PATCH IT
As of 11:00 PM PST there is a known working Exploit in the wild in the form of a worm.
Read all about this in teh links below.
Microsoft Patch Notification
Microsoft TechNet Blog entry
Microsoft TechNet Blog Entry more about
The normal SANS Stuff
Exploit information links below
Good blog entry on the worm/exploit – ThreatExpert
Another Good Entry – Team Furry
Comment as you see fit.
Oct
14
2008
Today AV in it’s traditional form should be dead. It has taken me sometime to catch up on my RSS feeds but it was worth the time. As I got down toward the end I ran across this item from Secunia – Symantec beats the competition.., now since I am not a fan of Symantec I was very interested in what this had to say.
As it turns out Secunia did a test of 12 internet security suites and the results where lets say less than desireable. The test was to throw 300 exploits to known vulnerabilities at the 12 and see how well their detection rate was. Over all – one word FAIL. So does this mean that you are not safe well sort of.
Even the “high” score from Symantec was disappointing. Symantec detected a mere 64 out of 300 exploits, or less than one-fourth, leaving 236 exploits undetected!
Read more here http://secunia.com/blog/29/
and
here are the test results http://secunia.com/gfx/Secunia_Exploit-vs-AV_test-Oct-2008.pdf
Stay tuned for What’s Next for AV
