hwaldron
Starting with the October 2008 security bulletins, Microsoft will include valuable information related to how likely exploits might be developed for each individual security update. This new rating system can help administrators better identify high priority updates. All security updates are of a critical nature and after testing they should be applied as quickly as possible.

Microsoft implements new Exploitability Index for Security Releases

http://blogs.technet.com/ecostrat/archive/2008/08/05/predicting-the-future-microsoft-launches-an-exploitability-index.aspx
http://blogs.zdnet.com/security/?p=1632
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=209903295

QUOTE: The Microsoft Exploitability Index aims to help IT administrators prioritize patches by rating the likelihood that vulnerabilities will be exploited. The Exploitability Index is Microsoft's attempt to deal with what has become an unfortunate, predictable pattern: Microsoft issues a Security Bulletin and cybercriminals answer with code designed to exploit the newly disclosed vulnerabilities. Starting with its October patch cycle, Microsoft plans to rate the likelihood that vulnerabilities will be exploited. It will do so to help administrators prioritize patches. Vulnerabilities will be rated with one of three designations: Consistent Exploit Code Likely, Inconsistent Exploit Code Likely, and Functioning Exploit Code Unlikely. The first designation describes a vulnerability that would produce consistent results if exploited; the second designation describes a vulnerability that is difficult to exploit or would produce inconsistent results; the third designation describes a vulnerability that would be very difficult to exploit and thus might not warrant an immediate patch.
_____________________________
Harry Waldron - Security News & Best Practices Blog