Yahoo joining Google in 90 day vulnerability disclosure policy

If Yahoo or Google discovers a security flaw in software and the software vendor doesn’t patch it within 90 days, too bad – the policy is to release the information to the public. This approach has both positive and negative consequences. Advocates say this forces software vendors to take action in a more timely manner. Detractors say it gives attackers information they can use to exploit the vulnerability.

Find out more here:

http://threatpost.com/yahoo-plans-to-disclose-all-new-bugs-it-finds-within-90-days/109798

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top