Security Incidents mailing list archives
RE: Releasing patches is bad for security
From: "Ross M. W. Bennetts" <rbennett () une edu au>
Date: Fri, 27 Feb 2004 09:39:10 +1100
The vulnerability was discovered by Eeye Digital Security in July 2003 but no exploits were produced until three days after Microsoft's patch became available.
[Ross M. W. Bennetts] But if a hacker did produce an exploit wouldn't he/she be more likely to use it surreptitiously for their own private purposes and then only release it to the kiddies on the net after the patch has been released? --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Releasing patches is bad for security Chris Brenton (Feb 26)
- RE: Releasing patches is bad for security Dave Paris (Feb 26)
- Re: Releasing patches is bad for security Clint Bodungen (Feb 26)
- RE: Releasing patches is bad for security Curt Purdy (Feb 26)
- Re: Releasing patches is bad for security Pall Thayer (Feb 26)
- Re: Releasing patches is bad for security mgotts (Feb 26)
- RE: Releasing patches is bad for security Ross M. W. Bennetts (Feb 26)
- RE: Releasing patches is bad for security Brian Taylor (Feb 29)
- RE: Releasing patches is bad for security Ross M. W. Bennetts (Feb 26)
- Re: Releasing patches is bad for security james (Feb 26)
- RE: Releasing patches is bad for security ELLIS, STEVEN (Feb 27)
- Re: Releasing patches is bad for security james (Feb 27)
- Re: Releasing patches is bad for security Meritt James (Feb 27)
- RE: Releasing patches is bad for security ELLIS, STEVEN (Feb 27)
- <Possible follow-ups>
- RE: Releasing patches is bad for security Gary Nichols (Feb 26)
- Re: Releasing patches is bad for security Joe Miller (Feb 29)