Comment on Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it
lud@lemm.ee 4 months agoRemember regreSSHion?
All software has serious security vulnerabilities.
Comment on Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it
lud@lemm.ee 4 months agoRemember regreSSHion?
All software has serious security vulnerabilities.
EpicFailGuy@lemmy.world 4 months ago
RegreSSHion is overblown … it was quickly patched and it was not reliably reproducible every time. It depended on “Luck” to have pointer fall on the right memory space in order to allow the code execution.
I think Terrapin was much much worse … and log4j … log4j was a DISASTER … but point taken.
I wasn’t shrilling my choice of OS tho, I think eternal blue is a lot worse than those other CVEs because the NSA KNEW about it and did not disclose it, and because Windows has a much wider user base of clueless users that easily fooled.
lud@lemm.ee 4 months ago
Yeah, I just took the most recent one as an example.