What's the story with these security holes?

Summary:There are 28 vulnerabilities in the ZDI pipeline, all high-severity, affecting some of the world's biggest IT vendors -- Computer Associates, Microsoft, Hewlett Packard, Novell, Oracle, IBM, Symantec, Sun Microsystems, Veritas and Borland.

Ever so often, I make it a point to glance at the upcoming advisories from TippingPoint's Zero Day Initiative and wonder about the status of these "high risk" issues that are more than 300 days old.

WhatÂ’s the story with these security holes?

According to ZDI, the vendors associated with these pending zero-day vulnerabilities have all been notified and are (supposedly) working on patches. In all, there are 28 in the ZDI pipeline, all high-severity, affecting some of the world's biggest IT vendors -- Computer Associates, Microsoft, Hewlett Packard, Novell, Oracle, IBM, Symantec, Sun Microsystems, Veritas and Borland. Microsoft appears on the list six times.  Five of the Microsoft bugs were reported more than 200 days ago while the sixth was reported 452 days ago.

Topics: Microsoft, Hardware, Security, Storage

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.