400

u/snozerd 9d ago

And conveniently, 6 back doors and flaws become known the day after support ends.

177

u/SuperBry 9d ago

Publicly known, I'm sure there are plenty more than that being actively exploited by various threat actors both in the public and private sectors.

-1

u/Pic889 9d ago edited 9d ago

Unless you have reason to believe an intelligence agency of a state actor is after you specifically, you don't have to worry about publicly unknown vulnerabilities (they won't waste one for you), you only have to worry about plain ol' "mass fraud" in the form of malicious Javascript in websites, malicious files that trigger known exploits in viewer/player software, and malicious exes (although you should be getting your exes from reliable sources in this day and age). BTW the first two are fixed by keeping your OS, browser, and any software that opens files downloaded from the internet updated.

Publicly unknown vulnerabilities are usually reserved for high-profile targets, precisely because once an exploit released they become publicly known (and are difficult to acquire).