http://www.computerdefense.org/2007/03/introducing-the-amazing-wonderful-and-completely-magnificent-microsoft-the-magician/ Sharing my thoughts with the world. Wed, 16 Nov 2011 02:58:20 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://www.computerdefense.org/2007/03/introducing-the-amazing-wonderful-and-completely-magnificent-microsoft-the-magician/comment-page-1/#comment-4693 -: A Random View of an Insecure World : » Blog Archive » The Severity of Vulnerabilities Mon, 19 Mar 2007 04:17:27 +0000 http://www.computerdefense.org/?p=287#comment-4693 [...] Personally, I’m all for the lowering of vulnerability severities if there is some reason to. However, I am a little concerned about how often people are trying to do this lately for their own reasons/benefits. With my post on the OpenBSD vulnerability snafu here, the fact that Microsoft is planning to only put DoS vulnerabilities in Service Packs, plus the Microsoft example here, I fear that people are becoming a little too used to bad things not happening anymore. Admittedly, things have been all quiet on the worm front lately, but that doesn’t mean that something won’t happen tomorrow. Trying to lower the severity of dangerous vulnerabilities does nothing but facilitate the ignorance of those who heavily rely on them. [...] [...] Personally, I’m all for the lowering of vulnerability severities if there is some reason to. However, I am a little concerned about how often people are trying to do this lately for their own reasons/benefits. With my post on the OpenBSD vulnerability snafu here, the fact that Microsoft is planning to only put DoS vulnerabilities in Service Packs, plus the Microsoft example here, I fear that people are becoming a little too used to bad things not happening anymore. Admittedly, things have been all quiet on the worm front lately, but that doesn’t mean that something won’t happen tomorrow. Trying to lower the severity of dangerous vulnerabilities does nothing but facilitate the ignorance of those who heavily rely on them. [...]

]]>