Scrap Cars and Exploits

Content Copyright © 2006 Bloor. All Rights Reserved.
Also posted on: Nigel Stanley

Pop quiz. You run IE in your business and another flaw is found in the software, which could be exploited by hackers. Microsoft say they won’t release a patch immediately, leaving your version of IE vulnerable to attack. Do you install a third-party fix to address the problem or wait until Microsoft release an “official” patch?

With the rise of organisations such as ZERT (Zeroday Emergency Response Team) it must be tempting for some to install a third-party fix. ZERT is a group of techies “with extensive experience in reverse engineering software, firmware and hardware coupled with liaisons from industry, community and incident response groups” that offer such a service.

The pressure to fix zero-day exploits is huge, and causes much angst for administrators. Testing patches against an estate is time-consuming and difficult at the best of times, and no doubt doubly so using an “unauthorised” fix. Certainly Microsoft advise against using a third-party fix and suggest waiting for an official release.

I guess there is an analogy in the motor vehicle industry. If you need a part for your car, do you go to the main dealer and buy a manufacturer’s original part in the knowledge that it is to the same quality as the factory-fitted component? Alternatively you can go to a car superstore and buy an identical component that is made by another vendor at a cheaper price. Finally you could go to a scrap merchant and search through piles of junk looking for the part you need, remove it and pay peanuts.

Now, if you were looking at fixing your brakes, which supplier would you use? If you were looking for another hub cap, would you go to the scrap merchant?

Of course your decision will also be made on the type and nature of your car. If it is a brand new, in-warranty vehicle you could create problems for yourself if you fit anything other than an original part. If you have a 10-year-old Land Rover it is less of an issue.

Ultimately the choice is yours. If I were running corporate IT I would suggest that it is more akin to your new “in warranty” car and I for one would be very loath to fit anything other than a factory original part, even if I had to wait just a little bit longer for delivery. If I were really desperate I may fit an identical part from another vendor but would be swapping it out as soon as the real thing is available. Remember, like in all things, caveat emptor.