Forgot your password?
typodupeerror

Comment yeah, this is a problem, but how do you fix it? (Score 1) 2

AFAICT, this article is showing how to create exploits from patches. This is a hard problem to fix, though. After all, a patch is revealing some information about the patched vulnerability. It seems like at best attackers will always be able to figure out what was patched, and the best we can do is slow them down.
Security

Submission + - Windows Update Can Hurt Security (cmu.edu) 2

An anonymous reader writes: Researchers at Carnegie Mellon University have shown that given a buggy program and a patch, it is possible to automatically create an exploit. They demonstrate this by showing automatic patch-based exploit generation for several Windows vulnerabilities and patches can be achieved within a few minutes of when a patch is first released. From the article: "One important security implication is that current patch distribution schemes which stagger patch distribution over long time periods, such as Windows Update, ... can detract from overall security, and should be redesigned." The full paper is available as PDF, and will appear at the IEEE Security and Privacy Symposium in May.

Slashdot Top Deals

BASIC is the Computer Science equivalent of `Scientific Creationism'.

Working...