4/ The lesson is that by not doing a "full disclosure with PoC", Microsoft delayed exploitation by only a few hours.
I can't bake bread but I'm still eating a sandwich. "Practical experience" here is a misnomer, why would attackers tell you when finished?
-
-
They wouldn't, but as you can imagine MS has various ways of knowing when things happen. Not 100% reliable, but gives an indication.
-
Obviously we're not talking about pinpointed attack against one specific target, MS has 1 billion users to protect, they look at mass.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.