|
|
|
|
|
|
by matt_wulfeck
3319 days ago
|
|
|
I've seen a lot of security people sticking to "this is not an 0day you idiots" retort, downplaying the importance of the leak. Frankly I think that's a pedantic argument that ignores too much of the real world. The NSA leaks contained previously undisclosed security vulnerabilities that were patched only because they were stolen. In MSFT's case it was less than 30 days, and they basically skipped a patch week to make it happen. It's manifestly obvious that 0day and 30day can both be considered extremely dangerous in the real world. |
|
|