Microsoft Exploitability Index

October 15, 2008 | Jaime Blasco

Microsoft has just added a new index to new security bulletins to provide additional information about the potential exploitability of vulnerabilities associated with a Microsoft security update.

The index classify each vulnerability with the Exploitability Index Assessment that indicate the likelihood of functioning exploit code, the three possible values are:

  • - 1 Consistent exploit code likely
  • - 2 Inconsistent exploit code likely
  • - 3 Functioning exploit code unlikely

You can find additional information in this document and real examples in the new Microsoft Security Bulletin Summary for October 2008

Jaime Blasco

About the Author: Jaime Blasco

Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AT&T Cybersecurity, Jaime leads the Alien Labs Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AT&T, Jaime was Chief Scientist at AlienVault. Prior to that, he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.

Read more posts from Jaime Blasco ›


Get price Free trial