AnsweredAssumed Answered

What do other customers do with vulns that there is no patch for, and the mitigating control is either missing or impractical?

Question asked by Chalky_White on Jan 5, 2016
Latest reply on May 22, 2018 by Chalky_White

Hi, for these vulns there are always risks, but it's how to judge the impact/level of risk which is tricky;

QID 100131 Microsoft Internet Explorer Mouse Tracking Events Design Error - not practical to abandon IE

QID 118425 Microsoft Windows icmpsendecho2ex denial of service vuln - zero day  - advice says to speak to vendor, no known fix after 5 years

QID 119518 Microsoft Windows DHCPv6 packets remote denial of service vuln - zero day  - advice says to speak to vendor, no known fix after 5 years

 

Thanks!

Outcomes