Admins have to hold their breath for two more weeks on the Badlock vulnerability. Which will come first: the patch, or a public exploit?
Tag Archives: coordinated vulnerability disclosure
Adobe Starts Vulnerability Disclosure Program on HackerOne
Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.
Round 2: Google Deadline Closes on Pair of Microsoft Vulnerabilities
Google Project Zero has disclosed a pair of unpatched Windows vulnerabilities after the expiration of its 90-day deadline. Microsoft said it will patch one bug in February, and both sides agree the second does not merit a security bulletin.