Tag Archives: coordinated vulnerability disclosure

Adobe Starts Vulnerability Disclosure Program on HackerOne

Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.

Round 2: Google Deadline Closes on Pair of Microsoft Vulnerabilities

Google Project Zero has disclosed a pair of unpatched Windows vulnerabilities after the expiration of its 90-day deadline. Microsoft said it will patch one bug in February, and both sides agree the second does not merit a security bulletin.