Reply to post: Re: Confusing.

Welcome to the 2020s: Booby-trapped Office files, NSA tipping off Windows cert-spoofing bugs, RDP flaws...


Re: Confusing.

> Seems they have a lot to gain and little to lose leaving it there.

They have probably found out (a) a new zero day hole, and/or (b) others have discovered this hole and are using it (possibly against NSA/allied systems).

At the point where your adversaries know and exploit the vulnerabilities you know about (or just defend from them), that is the time you should patch it and move to some other zero-day exploit,

The NSA also has a mandate to defend against threats, it is a balance between knowing vulnerabilities (to exploit others) and disclosing them to be fixed.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020