Security impact ratings considered harmful

Details Security impact ratings considered harmful Security impact ratings considered harmful

2009-04-26

arxiv.org/abs/0904.4058v1

Computer Science

Cryptography and Security

HotOS 2009

Scientific paper

In this paper, we question the common practice of assigning security impact ratings to OS updates. Specifically, we present evidence that ranking updates by their perceived security importance, in order to defer applying some updates, exposes systems to significant risk. We argue that OS vendors and security groups should not focus on security updates to the detriment of other updates, but should instead seek update technologies that make it feasible to distribute updates for all disclosed OS bugs in a timely manner.

Affiliated with

Also associated with

No associations

Rating

Security impact ratings considered harmful does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Security impact ratings considered harmful, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security impact ratings considered harmful will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-322013