|
|
|
|
|
|
by acdha
981 days ago
|
|
|
It’s not uncommon for groups like CISA to recommend blocking things from the internet or disabling a particular feature which is part of the exploit but not critical to the entire app. They also proactively notify users in some cases (e.g. industrial systems) so everyone knows to install the patch as soon as it’s released. As a simple analogy, look at how the Kia lock vulnerabilities are being handled. Yes, it’s best if you can repair everything but it’s not without value to make sure everyone affected knows the risk so they can change their behavior or buy a separate lock until then. |
|
|