On Mon, 17 Sep 2007, ArkanoiD wrote:

> Well really? Are zero-day attacks widespread enough? I assume if you
> do windows update in time and do not watch pr0n (which increases the
> probability to meet zero-day exploit) you are almost safe. I'd also
> suggest not using IE.

You may think that's a good-enough approach, I don't happen to agree- the
rate of zero-day attacks is not great, but it happens, and frankl, if AV +
updates can't catch them all, then updates alone aren't going to. Now,
you can do a lot of IE configuration and permissioning and get pretty much
there (though I still argue that SRPs are *the* best first-line defense.)
But really, these days there aren't many AV software-generated problems,
and frankly the no-pr0n defense is lacking, these days it's Myspace,
Facebook and still the filesharing sites that are the most likely vectors.

If you're putting all your eggs in Microsoft's ability to catch and push
patches *especially* if you're not on an English-based version (the OP
appears to not be in the US) then I think you're playing odds- certianly
better odds than 10 years ago, but still odds.

Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."

firewall-wizards mailing list