[Dshield] vunerability windows

Andy Streule andy.streule at lythamhigh.lancs.sch.uk
Fri Feb 6 12:25:18 GMT 2004


i've been seeing a lot of reports since Mydoom talking about 'vunerabilty
window'. this being, for those who dont know, the time window between a
virus becoming a high threat and anti-virus manufactures issuing updates.
the size of the window increases the faster a virus spreads.

At the moment there's no definitive way of minimising/closing the window.
I've seen ppl talking about having to have a third unspecified bit of
software to cover. but that seems a bit extreme.

I was wondering what peoples ideas were on how to mimise the windows.

The other day I wondered why anti-virus vendors arent getting into mail
clients. Or microsoft needs to be getting into antivirus a lot faster. It
would seem logical to me that for the home user market, the time has come
for anti-virus software to be integrated with mail clients and for some
mechanism to exist to quarantine attachments for say 12 hours, to ensure
updates are most likely avaliable for any new virus. 

Also auto-update should be on by default and sufficiently hidden so the
average n00b cant turn it off. ;-)


This e-mail is confidential and privileged.  If you are not the intended
recipient do not disclose, copy or distribute information in this e-mail
or take any action in reliance on its content.

This email has been checked for known viruses. 

More information about the list mailing list