Windows

    Software Vulnerability Management at Microsoft

    Language:
    English
    Vulnerabilities are weaknesses in software that enable an attacker to compromise the integrity, availability, or confidentiality of that software. This paper describes the process that Microsoft uses to investigate and release security updates that address vulnerabilities in the software it produces.
    • Note:There are multiple files available for this download.Once you click on the "Download" button, you will be prompted to select the files you need.
      Version:

      1.0

      File Name:

      Software Vulnerability Management at Microsoft.xps

      Software Vulnerability Management at Microsoft.pdf

      Date Published:

      7/28/2010

      File Size:

      3.8 MB

      1.3 MB

        Vulnerabilities are weaknesses in software that enable an attacker to compromise the integrity, availability, or confidentiality of that software. Microsoft uses a process to investigate and release security updates that address vulnerabilities in the software it produces. In this paper you’ll learn about this process and how Microsoft uses a multipronged approach to help its customers manage their risks. This approach includes three key elements: (1) High quality security updates - using world class engineering practices to produce high quality security updates that can be confidently deployed to over a billion diverse systems in the PC eco-system and help customers minimize disruptions to their businesses; (2) Community based defense - Microsoft partners with many other parties when investigating potential vulnerabilities in Microsoft software. Microsoft looks to mitigate exploitation of vulnerabilities through the collaborative strength of the industry and through partners, public organizations, customers, and security researchers. This approach helps to minimize potential disruptions to Microsoft’s customers’ businesses; (3) Comprehensive security response process - employing a comprehensive security response process that helps Microsoft effectively manage security incidents while providing the predictability and transparency that customers need in order to minimize disruptions to their businesses.
    • Supported Operating System

      Windows 7, Windows Vista, Windows XP

        Any supported operating system
      • Download the paper. This is available as a PDF or an XPS document. In order to view the XPS document, you will need to install the reader (included in Windows Vista and Windows 7).

    Popular downloads

      • 01

        DirectX End-User Runtime Web Installer

        The Microsoft DirectX® End-User Runtime provides updates to 9.0c and previous versions of DirectX — the core Windows® technology that drives high-speed multimedia and games on the PC.

      • 02

        Malicious Software Removal Tool

        This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

      • 03

        Microsoft Security Essentials

        Microsoft Security Essentials provides real-time protection for your home or small business PC that guards against viruses, spyware, and other malicious software.

      • 04

        Windows 7 Upgrade Advisor

        Download and run the Windows 7 Upgrade Advisor to see if your PC is ready for Windows 7. It scans your hardware, devices, and installed programs for known compatibility issues, gives you guidance on how to resolve potential issues found, and recommends what to do before you upgrade.

    Loading your results, please wait...

    Free PC updates

    • Security patches
    • Software updates
    • Service packs
    • Hardware drivers

    Microsoft Suggests

    Sign up for OneDrive and get 15 GB of free online storage.
    OneDrive now comes with 15 GB of free online storage
    Get more space for all your photos, videos, and documents.
    Sign up now