* Of all the vulnerabilities disclosed in 2007, only 50 percent can be corrected through vendor patches. [suggests that ISPs need to be proactive about detecting and blocking compromised machines]
I think this conclusion assumes a number of facts not in evidence.
If the vulnerability cannot be corrected through a vendor patch, then, one has to wonder what, exactly the vulnerability is. If it is social engineering, then, I don't believe that ISP proactivity can really address the issue.
It can if the kind of proactivity they mean is taking down phishing web sites. (Though I wouldn't describe a phishing site as a vulnerability.) Tony. -- f.a.n.finch <dot@dotat.at> http://dotat.at/ FISHER GERMAN BIGHT: NORTHWEST VEERING NORTHEAST 3 OR 4, BUT 5 OR 6 IN NORTH FISHER. SLIGHT OR MODERATE, OCCASIONALLY ROUGH LATER IN FISHER. FOG PATCHES THEN FAIR. MODERATE OR GOOD, OCCASIONALLY VERY POOR.