Re: followup: CO University of Colorado at Boulder

[security curmudgeon <jericho () attrition org>]

: Ouch - an unpatched bug in so-called SECURITY software? Isn't such 
: software supposed to work against issues that lead to data breaches?

The state of security software is just as dismal as any other product 
line from other vendors though. Search your favorite vulnerability 
database (VDB) for any of the big security vendor names like CA, Symantec 
or Cisco. The results should be an eye opener to anyone who continues to 
use these products.

It's obviously unfortunate, most people are better off having them, as 
they do provide a significant level of protection from various threats. 
But when they are used as attack vectors, the vendors should be ashamed. 
Customers need to hold them to higher standards.

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 208 million compromised records in 675 incidents over 7 years.