how often do 0-days REALLY happen?

["leon" <leon () inyc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi everyone,

I have been reading this list for a couple of years now and I just
got done reading hacker's challenge.  Great book (hi to everyone who
contributed and reads this list, I know David D is one of them).  The
book is quite unique in how it goes about presenting itself. 
Basically it is 20 challenges (here is what happened, here are the
logs, and here are some questions).  At the end of the book are the
solutions (how a security professional figured out xy and most
importantly z).  The reason I wrote the subject heading as I did is
because throughout the book they show case after case of remote
exploit all for vulns that are months old.  On this list and the sec
basics I constantly (relative I know) hear people talking about being
compromised by vulns that patches have been available for, for
months.  So I ask upon you incidents list (ye who have SO MUCH more
experience then I) do systems being compromised by zero day exploits
really happen (I am sure they happen but I am really curious as to
the frequency and how a professional goes about dealing with a never
seen before exploit.)  Just figured I would throw that out there and
see how everyone responds because I was thinking about it on the walk
home (hey, shoot me, it is cold in nyc, gotta do something to keep
from freezing). 

Cheers & TIA,

Leon

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPDuGj9qAgf0xoaEuEQI/WgCfQQNfGWqTRDZefFmT80WhIOTdYPYAoKV8
wpaiOoiq6Q55TXu/NctJOWYN
=x7uY
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com