Microsoft to share vulnerabilities much faster

Posted on Thursday, Aug 07 2008 @ 00:53 CEST by Thomas De Maesschalck
Microsoft announced it will roll out a new program in October that will inform security vendors much sooner about security flaws:
Starting in October, Microsoft will start sharing details on software vulnerabilities with security vendors ahead of Patch Tuesday under a daring new program aimed at reducing the window of exposure to hacker attacks.

The new Microsoft Active Protections Program (MAPP), which will be formally announced at Black Hat USA 2008 here, will give anti-virus, intrusion prevention/detection and corporate network security vendors a headstart to add signatures and filters to protect against Microsoft software vulnerabilities.

The idea is to provide detection guidance ahead of time to help security vendors reproduce the vulnerabilities being patched and ship signatures and detection capabilities without false positives.

According to Mike Reavey, group manager in the MSRC (Microsoft Security Response Center), the new vulnerability sharing program was created to address the situation today where weaponized exploit code is being released to the public before Windows users can test and deploy the Patch Tuesday fixes.
More info at ZD Net.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments