Coordinated Vulnerability Disclosure Reloaded
Tuesday, April 19, 2011
Today on the MSRC Blog, Matt Thomlinson announced three new efforts to provide more transparency into Microsoft’s vulnerability disclosure process. These included a Coordinated Vulnerability Disclosure (CVD) at Microsoft procedures document, the first release of MSVR Advisories on vulnerabilities that were discovered by Microsoft and fixed by affected vendors, and an internal employee disclosure policy.