Microsoft: First exploit ratings show success
Microsoft Corp. last week called its first crack at predicting whether hackers would create exploit code for its software flaws a success -- even though its forecasts were less than 50% accurate.
"I think we did really well," said Mike Reavey, group manager at the Microsoft Security Research Center. The vendor, which introduced its three-level Exploitability Index as part of its October patch release, predicted that consistent exploit code was likely to be created for nine flaws; code was actually crafted for four of them, Reavey said.
In addition, Microsoft correctly forecast that functioning exploits were unlikely for four other flaws.
That left it with a score of eight for 20. But Reavey said the key is that Microsoft didn't rate any flaws lower than they should have been, "because then customers would have inaccurate information for prioritizing patches."
No responsibility can be taken for the content of external Internet sites.
Return to internet news headlines
View Internet News Archive