Software giant Microsoft has made some key changes in its vulnerability disclosure policies that are targeted towards make vulnerability a coordinated and collaborated effort.
According to a post on the Technet blog, the company has introduced a new Coordinated Vulnerability Disclosure (CVD) at Microsoft document which simplifies how Microsoft discloses security vulnerabilities in its own software as well as third party software.
Microsoft also informed that it was releasing the first set of advisories under its Microsoft Vulnerability Research (MSVR) program. The company said that it had privately told certain software vendors about vulnerability in their offerings, which had now been fixed.
The company has also established an internal corporate Disclosure of Vulnerabilities policy which laid down protocols for employees to follow when they discover vulnerability in a third party product.
“We believe the most effective approach to security is a comprehensive Security Development Lifecycle that reduces or mitigates vulnerabilities before a product is released. After a product or service is released, we feel security is a shared responsibility across the broad community,” Microsoft said.
“By working together through coordinated efforts when vulnerabilities are identified, we can effectively minimize customer risk while a solution is developed,” the company added.
According to a post on the Technet blog, the company has introduced a new Coordinated Vulnerability Disclosure (CVD) at Microsoft document which simplifies how Microsoft discloses security vulnerabilities in its own software as well as third party software.
Microsoft also informed that it was releasing the first set of advisories under its Microsoft Vulnerability Research (MSVR) program. The company said that it had privately told certain software vendors about vulnerability in their offerings, which had now been fixed.
The company has also established an internal corporate Disclosure of Vulnerabilities policy which laid down protocols for employees to follow when they discover vulnerability in a third party product.
“We believe the most effective approach to security is a comprehensive Security Development Lifecycle that reduces or mitigates vulnerabilities before a product is released. After a product or service is released, we feel security is a shared responsibility across the broad community,” Microsoft said.
“By working together through coordinated efforts when vulnerabilities are identified, we can effectively minimize customer risk while a solution is developed,” the company added.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
vulnerablity
