By user12625760 on Mar 03, 2007
That there was a worm that successfully exploited the telnet vulnerability in Solaris 10 running around the Internet and more specifically within Sun last week is not news. Dave pointed out that it would seem to indicate that the reason we don't normally have worms and viruses running around on Solaris is not due to the lack of interest of writers of such things. Clearly as this week showed they are interested.
The question I have been left pondering is this:
Given that the bug was well reported, patches were made and distributed very quickly, why were there so many hosts that were available to be infected?
Should Solaris hosts download security patches by default? Given that security patches are free it would seem like a good install option to allow.