Comments on: Microsoft Warning Highlights Broken Security Model http://www.coretraceblogs.com/2009-07/microsoft-warning-highlights-broken-security-model/ The Application Whitelisting and Security Weblog Mon, 01 Mar 2010 04:54:55 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: David Thomason http://www.coretraceblogs.com/2009-07/microsoft-warning-highlights-broken-security-model/#comment-17 David Thomason Wed, 08 Jul 2009 00:25:01 +0000 http://www.coretraceblogs.com/?p=133#comment-17 It's clear that patching isn't going to fix all our problems. Even in the Verizon 2008 Data Breach Investigations Report, it clearly showed that patching is given far too high of a priority in most organizations. Fixing vulnerabilities is a step in the right direction but even that shouldn't be the first priority. CoreTrace is definitely on the right path. By controlling what we know and denying execution of all else, we can be much more secure. If I'm a hacker exploiting this ActiveX vulnerability as an entry point, the first thing I do is drop a rootkit. Fortunately, it won't work if the administrator has positive control of the executables. It’s clear that patching isn’t going to fix all our problems. Even in the Verizon 2008 Data Breach Investigations Report, it clearly showed that patching is given far too high of a priority in most organizations. Fixing vulnerabilities is a step in the right direction but even that shouldn’t be the first priority. CoreTrace is definitely on the right path. By controlling what we know and denying execution of all else, we can be much more secure.

If I’m a hacker exploiting this ActiveX vulnerability as an entry point, the first thing I do is drop a rootkit. Fortunately, it won’t work if the administrator has positive control of the executables.

]]>