Johannes Ullrich
Johannes Ullrich
Johannes Ullrich is the founder of DShield. DShield is now part of the SANS Internet Storm Center which he leads since it was created from Incidents.org and DShield back in 2001. In 2005, he was named one of the 50 most powerful people in Networking by Network World Magazine. He is the dean of research, and an instructor for the SANS Institute...
cause chance patch side
Each patch (official or not) has a chance to 'blow up' and cause unintended side effects.
apple call everybody operating sort viruses
It?s sort of a wake-up call for Apple users. Everybody focuses on Windows, but there are viruses for other operating systems.
bragging looking teenagers
It used to be teenagers looking for bragging rights. Now it's done for profit.
attack cause code execute itself knew known mark memory problem remote until
The vulnerability itself has been known about for a while, but it was only a problem for a denial-of-service attack that would sometimes cause IE to crash. Up until now, no one knew how to mark the code and find it in memory to execute a remote code attack.
allow bad compromise crash excel file hackers program trying word
What hackers are trying to find is, if they can make a bad Excel file or a bad Word file, does the program crash and allow them to compromise the system.
applying recommend temporary
At this point, we do not recommend applying these temporary patches.
appear apple distinct larger offer patches testing
At this point, Apple does not appear to offer the patches in distinct packages, which will make testing in larger environments tricky.
cooperate functions less patches problems software sort various
These are the sort of problems that we typically see when patches don't cooperate well with various third-party software and some of the less used functions of Windows,
catch four pushed version
A new version can be pushed out every four hours. You can never catch up.
The story here is if you are hit, you do have other vulnerabilities than this problem.
dangerous exploit issue
The Snort issue is more dangerous because the exploit is really simple.
damage good patch quickly roll testing
More often than not, a patch will actually do more damage than good if you roll it out too quickly without testing it first.
felt guess necessary release serious
My guess is that it's just serious enough that they really felt it was necessary to release it early.
apply home patch soon
For home users: Apply the patch as soon as you can.