Nimda struck in 2001 – a year after Microsoft issued a patch for the security hole in Internet Explorer. In 2003, Slammer exploited a vulnerability for which a patch had been issued six months earlier. Then with Blaster, the window was down to three weeks. “If you had no time to patch in 2001, and no time to patch in 2003, what about now with three weeks? And what about the Zotob worm – five days?�

Emphasising the scale of the patch management problem confronting enterprises today, Viren Mantri (left), principal with McAfee’s Strategic Security Services, Southeast Asia and India, points out, “As soon as a vulnerability is disclosed, it is almost sure there will be an exploit. A lot of people say Microsoft is the culprit, but it is not a question of Microsoft or Linux or Oracle or Cisco. Any OS or platform will have vulnerabilities.�

Applications have inherent vulnerabilities or ride on vulnerable platforms, agrees Ken Low, senior manager, Security, 3Com Asia Pacific.

Read this full article at Computer World

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

Powered by AkoComment!