[POLL] What type of OS Exploit is Worse?

More and more exploits roam the black market or are used by state actors for years and years before finally entering the public realm as 0-days. Others are revealed by security researchers or plain hackers as 0-days; new to everyone. Which is worse? They are both critical exploits… Leave your thoughts in the comments.

  • Publicly Known critical OS exploit
  • Black Market / State Actor critical OS exploit

0 voters

Any exploit is bad, but being subject to one which you had no possibility to avoid (because there was no patch available) seems much worse than being hit by one you could have patched for.


or changed your habits to avoid or mitigate for. Agreed @PHolder

At least the publicly released ones, even if there is no patch, are known and you can take actions to avoid them, even if it means taking the affected devices offline until a patch has been released.

If it is only known to the bad guys, you are wide open to being exploited.


James Stavridis: How NATO’s Supreme Commander thinks about global security Back in 2012 this military commander knew that secrets cut both ways and that openess has power.


Depends who you and your adversaries are. The majority of people are more susceptible to passive attacks lingering in the internet background radiation which are typically publicly known exploits. If you’re being actively targeted then it’s more likely that your adversary is using a zero day.

So publicly known exploits probably have a much broader scope with minimal impact (i.e your CC number is now part of a dump for sale on a hacker forum), but black market exploits will have a much finer scope with a potentially serious impact (i.e. your enrichment centrifuges are being torn to shreds).

No question. Black market / state actors are worse. Once a 0 day hits and is known, most vendors issues patches pretty quickly, impossible to do when the threat is not disclosed.