Zero-Day Microsoft PowerPoint Vulnerability
Symantec is reporting a zero-day PowerPoint exploit. Right now the threat assessment is low, but that could change overnight if someone writes an automatic worm that takes advantage of this vulnerability.
Note that the vulnerability appeared in the wild days after “Patch Tuesday,” presumably to maximize the window of exposure before Microsoft issues a patch.
Carlo Graziani • July 17, 2006 2:12 PM
Does anyone know how many engineers MS has working on response to reported vulnerabilities? A comparison of this number to the number working to develop Vista, or new applications, or new versions of old applications, might help cut through the marketing blather and give some idea of the real extent to which they are dedicated to securing their software. How many boots are actually on the ground?
Their response to vulnerability reports often seems awfully slow.