SSLMAGEDON 2014 means the world is a nice place.

[Dave Aitel <dave () immunityinc com>]

Again, we have a bunch of customers who are all "Vulnerable" (because
all Windows machines are) who are also trying to find out if they are
"at any risk whatsoever" from SSLMAGEDON. This is especially important
because the patch has issues
<http://aws.amazon.com/security/security-bulletins/ms14-066-advisory/>
and so people have to do a complex triage calculus with it.

Right now we're in a situation where nobody knows how bad the bug really
is going to be so while exploit writers are racing to get something
working, noone is truly sure if they are exposed. Of course, the denial
of service is a lot easier to trigger than full remote code execution.

And yet you'll notice that many IIS-based web sites are still reachable!
That means people are pretty nice in this world! A voice for hope.

-dave

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave