, SecurityFocus 2001-11-09
Five computer security firms join Microsoft to set an official standard for limiting disclosure of software security holes
Expand all |
Post comment
Shocking developments
2001-11-09
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (2 replies)
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (2 replies)
...on second thought...Kudos!
2001-11-09
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (1 replies)
H Carvey <keydet89 (at) yahoo (dot) com [email concealed]> (1 replies)
So what would force Microsoft to patch these holes if exploits are not published?
2001-11-10
Rafal Sybilla-Leszczynski (1 replies)
Rafal Sybilla-Leszczynski (1 replies)
So what would force Microsoft to patch these holes if exploits are not published?
2001-11-12
Anonymous
Anonymous
Microsoft have no server monopoly: this may reduce their share
2001-11-12
Kirsten Bayes (kirruth@hushmail)
Kirsten Bayes (kirruth@hushmail)
http://www.wiretrip.net/rfp/policy.html
It details a reasonable protocol for the person who discovers a security flaw to follow with the vendor.
A good read and I think a good solution for moderated full-disclosure.
See you,
Dumky
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/281/8686#8686