ElseNot Project

I’ve been working at building a spreadsheet of patches, which are exploited, as well as the ratio of patched to unpatched systems at my company.
Its kind of a pain to search through old Deepsight notices to see which patches have associated exploits. The Elsenot Project posts which Microsoft patches have associated exploits. I’m not really a fan of their stated goal “an exploit for every Microsoft vulnerability” but it is a good quick reference. One thing they could do better is in addition to linking to exploit code they should also use the common name where possible such as slammer, or code red.