Commentary

George Hulme
 

Microsoft Readies For Likelihood Of Attacks

We provided you the heads up about the Microsoft "Exploitability Index" a couple of months ago when the software company announced the new index, designed to predict the likelihood its security vulnerabilities would be attacked. It's an interesting idea, but will it have much value for practitioners?

We provided you the heads up about the Microsoft "Exploitability Index" a couple of months ago when the software company announced the new index, designed to predict the likelihood its security vulnerabilities would be attacked. It's an interesting idea, but will it have much value for practitioners?This month's patch Tuesday, which is tomorrow, will be when Microsoft first attaches this exploit index to its current threat ratings. Threat ratings, as you probably know, are ranked in a series of "low" through "critical" depending on the nature of the flaw. This is how the exploitability index will look, from a story that detailed Microsoft's announcement:

1) Consistent Exploit Code Likely 2) Inconsistent Exploit Code Likely, and 3) Functioning Exploit Code Unlikely


More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

The first one means a software flaw could be attacked with highly predictable results, and would probably be very easy to exploit. This would be very bad, as exploits would surface, and would be turned into weapons for mass use. This would be a critical vulnerability, and would need to be patched. Designation two could be bad, or it could be not-so-bad. Maybe an attacker could create an exploit, maybe not. And how the at-risk system reacts to the attack may not be very predictable. The third designation, Functioning Exploit Code Unlikely, is obvious: Microsoft has determined that developing a useful, functional attack tool would not be likely.

My opinion from back then hasn't changed from my original post, which is that this won't be of much value to operations teams trying to assess their risk. Tomorrow, and in the months ahead, we'll see if it works as intended.


Related Reading




Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
T-Shirt Giveaway T-Shirt Giveaway: Each week we're selecting one great comment from our readers. The author of the comment will receive an InformaitonWeek Community t-shirt. So get posting!
Subscribe to RSS

Resource Links