|
|
|
|
|
|
by EdHominem
3424 days ago
|
|
|
They could have a solution out the door in less than 24h but it may be a mitigation (ie, disable the service) rather than a proper fix. But that's pretty easy. In fact, it's usually the first thing an engineer does when verifying a bug report - "Ok I've reproduced it, now let's shut off the service and make sure the problem goes away." Release a patch that disables the vulnerable service and give people a way to bypass that and turn it back on once they've taken proper internal measures. (Read the CVE, block ports, etc...) |
|
|