 SUMware Premium join:2002-05-21
4 edits | reply to matunga Re: Daft list names Firefox, Adobe and VMWare as top threats
Note: matunga retitled the thread from the original "Daft list names Firefox, Adobe and VMWare as top threats" since my post.
More from your link:
quote: Bit9, Inc., the pioneer and leader in Enterprise Application Whitelisting, unveiled its annual ranking of popular consumer applications with known security vulnerabilities. Often running outside of the IT department's knowledge or control, these applications can be difficult to detect; they create data leakage risk in endpoints that are otherwise secure; and cause compliance breaches that can result in costly fines. The list, published in a research brief entitled "2008's Popular Applications with Critical Vulnerabilities," is designed to highlight the need for greater visibility and control over organizations' endpoints, including laptops, PCs, servers and Point-of-Sale systems.
Each application on the list has the following characteristics:
Runs on Microsoft Windows.
Is well-known in the consumer space and frequently downloaded by individuals.
Is not classified as malicious by enterprise IT organizations or security vendors.
Contains at least one critical vulnerability that was:
  o first reported in January 2008 or after,
  o registered in the U.S. National Institute of Standards and Technology's (NIST) official vulnerability database at »nvd.nist.gov, and given a severity rating of high (between 7.0-10.0) on the Common Vulnerability Scoring System (CVSS).
["The biggies"]
Relies on the end user, rather than a central IT administrator, to manually patch or upgrade the software to eliminate the vulnerability, if such a patch exists.
The application cannot be automatically and centrally updated via free Enterprise tools such as Microsoft SMS & WSUS.
To read the full list of applications, which includes products from Symantec, Yahoo!, Trend Micro, Sun Microsystems and more, download the research report at: »bit9.com/landing/2008vulnerableapps.php. There, IT managers can learn more about the application vulnerabilities, along with the benefits of using application white listing, a proactive approach to endpoint security.
[emphasis added]
It is important to notice the caveats. You'll never see MS IE in this list.
Bit9 is not an independent, impartial testing/reporting agency. This is a promotional and marketing tool.
»www.bit9.com/about/index.php
quote: Bit9 is the pioneer and leader in Enterprise Application Whitelisting. The company's patented solutions ensure only trusted and authorized applications are allowed to run on Windows computers, eliminating the risk caused by malicious, illegal and unauthorized software.
Bit9 is privately held and based in Waltham, Massachusetts.