Skip to main content

Should Microsoft start paying for vulnerabilities?

posted onMarch 15, 2007
by hitbsecnews

Hackers are starting to agitate for Microsoft to start paying for information on security flaws found in its software products.

The issue surfaced this week after the MSRC (Microsoft Security Response Team) posted a message on the sla.ckers.org message board, calling on third-party researchers to submit vulnerability information directly to Redmond before going public. The invitation ? which extended to bugs found in all of Microsoft online web properties such as *.microsoft.com, *.msn.com and *.live.com ? is part of Microsoft's insistence on the concept of "responsible disclosure," where researchers give advance notice to affected vendors but, for the first time, the response from hackers suggest it's time for Microsoft to offering cash rewards for flaw information.

Source

Tags

Microsoft

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th