News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • What does “Exploitation less likely” really mean?

    Home Forums AskWoody blog What does “Exploitation less likely” really mean?

    • This topic has 3 replies, 3 voices, and was last updated 1 month ago.
    Viewing 1 reply thread
    • Author
      Posts
      • #2297529 Reply
        woody
        Da Boss

        All of Microsoft’s separately identified security holes – CVEs in the parlance – are given an “Exploitability Index” level. Microsoft’s official defin
        [See the full post at: What does “Exploitation less likely” really mean?]

      • #2297534 Reply
        numike
        AskWoody Lounger

        Homeland Security issues rare emergency alert over ‘critical’ Windows bug
        https://techcrunch.com/2020/09/19/homeland-security-emergency-alert-critical-windows-bug/

        • #2297535 Reply
          woody
          Da Boss

          That’s the Zerologon security hole, which I talked about on Sept 15.

          Yes, it’s a problematic bug that’s bound to be exploited pretty soon now. But it only affects servers, and it can only be used by an attacker after they’re already inside your network. And if you’ve been following along and have already installed the August patches, you’re protected.

          1 user thanked author for this post.
          • #2297538 Reply
            RTEsysadmin
            AskWoody Plus

            Absolutely. Sysadmins are paying attention to Zerologon.

            But I think the point here may be that what Microsoft considers critical and what government cyber warriors think is critical may be two different things. Does “Exploitation less likely” mean that Microsoft thinks it would take more that a script kiddie to use it?

            Microsoft’s judgment may be questionable at both ends of the spectrum.

            Group K(ill me now)
            1 user thanked author for this post.
    Viewing 1 reply thread

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: What does “Exploitation less likely” really mean?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.