Re: Windows vulnerability vs Linux vulnerability [Re: Would a firewall

From: Rowland (
Date: 05/07/04

Date: Fri, 07 May 2004 14:38:04 -0400

Lars M. Hansen wrote:

>On Thu, 06 May 2004 12:10:53 -0400, Rowland spoketh
>>1. So security patches are a bad thing? In that case, don't install any!
>No, the patches are not bad, but there's a correlation between
>vulnerabilities and patches that you're missing. Usually, there's a
>patch for a vulnerability, thus by counting patches one can approximate
>the number of vulnerabilities.
I'm not missing the correlation. I'm questioning it. You haven't
controlled for all the variables here. That's my point. All patches
are not equal.

Check out my Java, SQL and Python samples at
For sale: Unique and energy efficient hobbit home in New Hampshire:

Relevant Pages

  • [Full-Disclosure] RE: Internet explorer 6 execution of arbitrary code (An analysis of the 180 Soluti
    ... And again each and every one of the method caching vulnerabilities liu and ... individuals, there I many many reasons why I dislike pivx, but I don't think ... registry patches nothing more, nothing less.. ... But ask yourself how seriously can you take a company that names 5 registry ...
  • RE: Patching
    ... There seems to be at least 5 or 6 new vulnerabilities released on ... As information security people, ... at those patches you need for what you do have running. ... network analyzers. ...
  • Re: Which Router for VPN and Webhosting
    ... > hats find the vulnerabilities before the white hats do. ... > seem to get most of their holes patched before the exploits hit the net. ... patches. ... who took a one-year "web programming" course, ...
  • Re: [Full-disclosure] Getting Off the Patch
    ... There are something like 800 heterogeneous servers where I work. ... As for having to spend a lot of cycles testing patches, ... engineer who has been playing this patching game for 20 years. ... who want audit verification of how vulnerabilities are being mitigated. ...
  • Re: controversial paper
    ... > vulnerabilities not related to Blaster were still not patched. ... the same as "Microsoft hatred" as you claimed there. ... >of and has developed patches for. ... WORMS rely on publicly known issues. ...