It often takes more time to assess whether your system is truly vulnerable to a given public exploit than it takes to just grab a newer version of the component.
Also worth considering: getting pwned because of a 0day is no fun, but getting pwned because of an unpatched CVE in your system - priceless.
It often takes more time to assess whether your system is truly vulnerable to a given public exploit than it takes to just grab a newer version of the component.
Also worth considering: getting pwned because of a 0day is no fun, but getting pwned because of an unpatched CVE in your system - priceless.