Monday, November 15, 2004

Another Irresponsible Vulnerability Disclosure: Microsoft Needs Some Help

Security tools maker Finjan Software warned on Wednesday that it found as many as 10 security flaws in the last update to Microsoft's flagship operating system, Windows XP Service Pack 2. In a statement that contained few details, the U.K. company claimed that the vulnerabilities could enable attackers to remotely access a victim's files, remove security measures aimed at Internet threats and run programs without any notification to the user.
The company did not wait for Microsoft to fix the issues, as many security companies do, and used the announcement to push its own wares as a way to be protected from the threats. Many interpret this move as an effective way to generate publicity. The overall objective of the security industry should be to improve the security of society. Although researchers who follow a responsible vulnerability disclosure process are acknowledged when the fix for the vulnerability arrives, some still choose to put society at risk by going straight to public disclosure. To read more on this recent issue, please go to News.com.