Andrew writes in to say ..
"It just goes to show that old vulnerabilities can still be effective. I recently ran across a site that our IDS detected via the ANI exploit.
If you think you're patched to current, how do you know for sure?
An occasional scan (using MBSA for example) will show you any missing patches. In a perfect world, every system would be able to always be patched to current but if you are one of the people who can't deploy certain patches because it will break critical business functionality, these reports will be the start of the paper trail you will want for your audits showing why they can't be patched.
Jul 19th 2007
1 decade ago