Originally Posted by knowitall
You seem to confuse two persons.
But you're wrong, even good network hygiene won't save you if you're unlucky (see my other post).
No... I tried to retain a thread. I was agreeing with TS (my editing sucked today... bad network performance and mental timeslicing).
As for me being wrong... I never said you were 100% safe... I just indicated that your risk was lower than 100%, and that patching your system didn't fix any problems if your 'luck' was bad.
In any 'defense in depth' risk management scheme, human action is the first level, but there are several other levels... frequent changing of repeating secrets (passwords), monitoring of transactions, vulnerability management, hardening systems, etc. Focusing on the one level (VM) without the others is like focusing on your toothpaste brand, but not caring how often you brush your teeth, avoid sugar and acid foods, go to the dentist, floss, or wear a mouthguard when you play contact sports.
And back to the point... no amount of patching will 'undo' the impact. Due to the length of time this flaw was in the wild, and the potential that it was discovered by at least one 'grey/black' hat entity (e.g. NSA's inclusion of iOS in PRISM at the same time the code seems to have been introduced... if they found it, we must assume someone else could have [unless we are into conspiracy theories of code planting]), the wise thing is to suck it up, and start changing passwords, and being vigilant on monitoring financial/credit transactions.