Exploitability Index | Prioritize Deployment of Security Updates

Microsoft is helping define the importance of patches based on exploit likelihood.  This might fit with a risk assessment but it is unlikely to really change the need for rapid patching.  My question is does this really help you make a prioritization?  I think that with the release of a patch these indexes might change rapidly and MS will have to adjust the index.

Exploitability Index Assessment Short Definition
1 Consistent exploit code likely
2 Inconsistent exploit code likely
3 Functioning exploit code unlikely

Exploitability Index | Prioritize Deployment of Security Updates.

Leave a Reply

Your email address will not be published. Required fields are marked *