Comment by ofjcihen
12 hours ago
A 0 day is just a vulnerability that wasn’t known before now.
What’s the criticality of these? Are they realistically exploitable? En mass? Through a complex and highly contextual set of actions? What’s the impact? Etc etc etc.
Yes those numbers are a big change but they’re also not spelling doom for us in the security world until we actually know what they mean.
The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun. But nothing I’m seeing here is as world ending as the presser implies.
> The demonstrated ones that they have on the red team blog are neat, the kernel chain is impressive and fun
So by your estimation, for rogue actors being able to uncover hundreds of this class in each major software product roughly for free would not be a big issue?