Are many security holes going unexploited?

— 3:57 AM on December 31, 2002

Wired is running an interesting article on security holes, why so many are found, and why we hear so little about the fallout from each. Though new security holes seem to appear almost weekly, it appears that few are ever exploited:

Some security experts suggest that malicious code attacks do happen but are dismissed by most users as just another wonky Windows software crash. But those same experts also cheerfully confess that most exploits aren't all that exploitable, and that the security industry profits by stirring up fear and frenzy.
Are security experts just trying to drum up business, or are malicious hackers a little behind the curve? Perhaps the majority of security holes aren't worth hacking to begin with.

Regardless of the reasons why, it's comforting to know that if I don't manage to install the latest security patch right instantly, I'll probably be OK, for a little while at least.

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. BIF - $340 2. Ryu Connor - $250 3. mbutrovich - $250
4. YetAnotherGeek2 - $200 5. End User - $150 6. Captain Ned - $100
7. Anonymous Gerbil - $100 8. Bill Door - $100 9. ericfulmer - $100
10. dkanter - $100
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.