Vulnerability Disclosure is Not One Size Fits All (and that’s okay)

Google’s Project Zero update to its vulnerability disclosure guidelines added 30 days to allow for patch adoption and deployment. The change comes after 25% of the detected zero-day exploits could have been avoided with more thorough patching efforts. Google’s Project Zero team has influenced other organizations to build bug-hunting teams like Microsoft’s recently-formed Microsoft Edge Vulnerability Research group that focuses on keeping the Edge browser more secure. Government and industry need to come together after such incidents to find ways to prevent future attacks and vulnerabilities.


Previous Post

Vulnerabilities CVSS scores soon to be assigned by AI

Next Post

Vulnerability exposed Peloton bike, treadmil to malware attacks

Related Posts