VB Migration

Tag: full-disclosure

  • Google relaxes disclosure policy following criticism

    Grace period added for vulnerabilities that are about to be patched. Last year, Google announced a new disclosure policy, where details of a vulnerability discovered by the company’s researchers would be published within 90 days of the affected vendor being notified, regardless of whether or not a patch had been released. If the vulnerability were…

  • Microsoft no longer publishes advance notifications for its Patch Tuesdays

    Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will know, this means Microsoft will release security updates for its software products. But this “Patch Tuesday” will be slightly different from previous ones, as the company has stopped…

  • Alarm over possible PDF flaw

    Vulnerability announcement hyped to disaster level. The announcement of a potentially serious vulnerability in the ubiquitous Adobe PDF document format sparked considerable media attention last month, in some cases hyped to the level of a major disaster waiting to happen. The vulnerability was found by researcher Petko Petkov and was announced in a blog entry.…