What's the story with these security holes?

There are 28 vulnerabilities in the ZDI pipeline, all high-severity, affecting some of the world's biggest IT vendors -- Computer Associates, Microsoft, Hewlett Packard, Novell, Oracle, IBM, Symantec, Sun Microsystems, Veritas and Borland.

Ever so often, I make it a point to glance at the upcoming advisories from TippingPoint's Zero Day Initiative and wonder about the status of these "high risk" issues that are more than 300 days old.

WhatÂ’s the story with these security holes?

According to ZDI, the vendors associated with these pending zero-day vulnerabilities have all been notified and are (supposedly) working on patches. In all, there are 28 in the ZDI pipeline, all high-severity, affecting some of the world's biggest IT vendors -- Computer Associates, Microsoft, Hewlett Packard, Novell, Oracle, IBM, Symantec, Sun Microsystems, Veritas and Borland. Microsoft appears on the list six times.  Five of the Microsoft bugs were reported more than 200 days ago while the sixth was reported 452 days ago.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All