Slashdot Mirror


Due Diligence?

ekr writes "The OpenSSL remote buffer overflows discovered at the end of July got a lot of press here on /. But how many people actually fixed their machines? I decided to study this question, and the results are kind of depressing. Two weeks after the release of the bug, over two thirds of the servers I sampled were still vulnerable. Even two weeks after the Slapper worm was announced, a third of the total servers were vulnerable. The paper can be found here in PDF or Postscript."

2 of 202 comments (clear)

  1. this is why... by mr_gerbik · · Score: 5, Funny

    This is why I run Windows 3.11. No worries about falling behind and not installing the latest fixes.

  2. Damn MCSEs by davinciII · · Score: 5, Funny

    See, this is exactly what happens when you hire a bunch of paper MCSEs to run your........

    wait, did you say Linux?