Microsoft has implemented a new company policy regarding vulnerability disclosure in non-Microsoft products (third-party products). Unsurprisingly they are following the ‘responsible disclosure’ line rather than the ‘full disclosure’ line favoured by the infosec community. It’s fair enough though, as they say treat others as you wish to be treated. I’m pretty sure Microsoft would much […]
Tag Archive | "disclosure policy"