funsec mailing list archives
Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor
From: Gadi Evron <ge () linuxbox org>
Date: Thu, 14 Dec 2006 07:39:20 -0600 (CST)
On Thu, 14 Dec 2006 Valdis.Kletnieks () vt edu wrote:
On Thu, 14 Dec 2006 06:34:47 CST, Gadi Evron said:On Thu, 14 Dec 2006, Juha-Matti Laurio wrote:This has been confirmed as totally new, third zero-day vulnerability in Word, which is the reason of missing protection with the most recent McAfee DATs e tc.Related SecuriTeam entry has been updated.Okay, but let's try to call not call it a 0day.Forget it Gadi, we've lost that battle, just as we did many years ago for 'hacker vs cracker'. Remember - the number of people who have actually gotten whacked by what used to be called a 0-day is *very* limited. For the vast majority of actual users out there, the *vastly* bigger threats are: 1) Disclosed vulnerabilities with exploits and no available patches. 2) Disclosed vulnerabilities with exploits and no installed patches. (and of course (3) getting whacked by clicking on something that promises pictures of Britney Spears dancing with naked hamsters, or some such...)
This battle is not lost. If we call it the right name and talk to the press using the right terms, it is not lost yet. Maybe it should be, but it is really confusing when it gets to the professional community. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Juha-Matti Laurio (Dec 13)
- it isn't a 0day Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Gadi Evron (Dec 14)
- <Possible follow-ups>
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Juha-Matti Laurio (Dec 13)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Gadi Evron (Dec 14)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Valdis . Kletnieks (Dec 14)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Gadi Evron (Dec 14)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Valdis . Kletnieks (Dec 14)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Brian Loe (Dec 14)
- Re: Anti-virus coverage of 12122006-djtest.doc Word PoC extremely poor Gadi Evron (Dec 14)