Will rate likelihood of attacks on flaws it fixes, improve vendor communication
By Gregg Keizer, August 5, 2008
Microsoft will soon edge into the crystal-ball business, predicting each month whether newly found bugs in its software will be exploited, the company said Monday. The company also spelled out changes to how much information it gives customers and rival security companies about vulnerabilities, and when. Starting in October, Microsoft will add an "Exploitability Index" to the security bulletins it issues when it releases patches for Windows and its other software. Also in October, said Andrew Cushman, Microsoft's director of security response and outreach, the company will begin providing select third-party security vendors with technical information about each month's vulnerabilities before patches are posted in order to give those companies a head start in crafting exploit-detection signatures.
Read more here -->Link
No comments:
Post a Comment