Windows

    CVD at Microsoft

    Language:
    English
    Information about Coordinated Vulnerability Disclosure
    • Version:

      1

      File Name:

      CVD.docx

      Date Published:

      4/19/2011

      File Size:

      49 KB

        Under the principle of Coordinated Vulnerability Disclosure, finders disclose newly discovered vulnerabilities in hardware, software, and services directly to the vendors of the affected product, to a national CERT or other coordinator who will report to the vendor privately, or to a private service that will likewise report to the vendor privately. The finder allows the vendor the opportunity to diagnose and offer fully tested updates, workarounds, or other corrective measures before any party discloses detailed vulnerability or exploit information to the public. The vendor continues to coordinate with the finder throughout the vulnerability investigation and provides the finder with updates on case progress. Upon release of an update, the vendor may recognize the finder in bulletins or advisories for finding and privately reporting the issue. If attacks are underway in the wild, and the vendor is still working on the update, then both the finder and vendor work together as closely as possible to provide early public vulnerability disclosure to protect customers. The aim is to provide timely and consistent guidance to customers to protect themselves.
    • Supported Operating System

      Windows 7, Windows Vista, Windows XP

        None
      • None

    Popular downloads

    Loading your results, please wait...

    Free PC updates

    • Security patches
    • Software updates
    • Service packs
    • Hardware drivers

    Microsoft Suggests

    Sign up for OneDrive and get 15 GB of free online storage.
    OneDrive now comes with 15 GB of free online storage
    Get more space for all your photos, videos, and documents.
    Sign up now