Hi malware fighters,
On average, a zero-day hole has a life-cycle of 348 days before it is patched or detected.
But there are leaks that stay undetected for 1080 days; that’s almost 3 years. Short-lived zero-days never lived shorter than 99 days.
“Good money is being paid for zero-day leaks,” according to Immunity Sec’s Justine Aitel. His firm buys zero-days for their own security solutions customers. Companies should do more to discover zero-day holes inside their own software, but normally these are neglected or ignored. “So we can assume that literally everything is broken. It is the hard truth we have to live with, so be it.”
polonus