Besides the sheer size of the #codebase, Windows' fanatical #dedication to backwards #compatibility means there's a lot of really old code still in use. I suspect code written 20+ years ago is fairly likely to contain security problems that would never get written today.
Is the Preview Pane an attack vector for this vulnerability?
The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane.
@jerry Given the size of the code base and scope of what it does, it's certainly possible. It also depends on how you define "windows"; so many non-OS things come with the OS and are bundled into windows update.
If we were to look at CVEs released by all the things that come with a RHEL license, it would likely give Windows a pretty good run.
@jerry Maybe? I think it's also one of the largest and most widely-run code bases, so I don't know if that's necessarily surprising.
It'd be more interesting to compare based on size of the code base, or maybe runtime? Not sure how you'd really do a useful comparison.
I'd think in terms of targeting, IOS, Android, and some of the network/router/switch OSes would be up there in terms of interest to the greatest number of attackers.
Add comment