[In the wrong hands] this tool is dangerous, ... But that version isn't as dangerous as other versions that will be released. |
All that has been done is that they have figured out the file system, which is not much different than the original Xbox file system. I would consider it a game hack, not really an Xbox 360 hack. But (it is) the beginning steps of one. |
As far as we know, this update does not address our issues. |
I don't buy the argument that they are aiding attackers. The attackers are already reverse-engineering the patches. They have the time and resources to find out where the flaw lies. The guy that feels the pain is the system administrator who is in the dark and who can't do his own reverse-engineering. |
I think September will be quiet. When we get the six, seven, eight or nine patches, it gets to be a bit more difficult. |
It is the skeleton in Microsoft's closet. We routinely find them. |
It would be really nice to see Microsoft turn around a patch in between 60 and 90 days. Considering the size of the company and the way some of these Internet-facing software [apps] are complicated, the 90-day window isn't that bad. But when it creeps up to three and four months, it becomes unacceptable, |
It's not one of ours. |
It's safe to assume that once we find a flaw, someone else will probably find it. The problem here is that someone malicious might find it and exploit it before Microsoft can provide full protection. |
Microsoft's customers depend on that information to figure out how to respond to Patch Tuesday. The reality is, system administrators will delay deploying a patch based on the details of the bulletin. When details aren't included, he won't install that patch. That is a big problem. |
Overall, they have improved, there's no doubt about that. But unless they move faster on some of these high-impact vulnerabilities, we'll always deal with rogue researchers finding the same things, |
The potential is there. We haven't seen any exploitation, but it doesn't mean it can't be done. |
There are some extremely smart hackers out there using and sharing the tools that find these vulnerabilities. When Microsoft takes a long time to issue fixes, it sets up a dangerous situation, |
They are simply left in the dark and may ignore a patch that is super-critical to their environment. Meanwhile, the bad guy has spent the time to find out what was silently fixed. |
This flaw is not as critical as some because it can only be exploited on the local network and even if it is compromised, the error would only be able to crash the server, not expose the data or put information at risk. Basically, someone on the local network could crash the machine running the software. It doesn't allow for any kind of actual access to the machine or to the data. |