North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IBM report reviews Internet crime
On Feb 12, 2008, at 11:46 AM, Florian Weimer wrote:
* Owen DeLong:
No, I presume that a vulnerability identified as "cannot be resolved through
vendor patch" means a vulnerability for which, even if a vendor patch were
available, it would not resolve the vulnerability. A vulnerability for which
a patch is not yet available, but, which could be resolved if the vendor
released a patch is a vulnerability which "CAN be resolved through
vendor patch when one becomes available."
It is unclear from the text provided which of our conflicting definitions for
the term applies in IBM's text.