Does one bad apple spoil Microsoft's vulnerability sharing program?

Summary: Andrew Storms: There will be people calling for Microsoft to scrap MAPP, but considering the market value of the information shared with MAPP partners, one confirmed leak in four years is a pretty impressive track record.

Guest editorial by Andrew Storms

When Microsoft first announced the Microsoft Active Protections Program (MAPP) in 2008, there was a lot of valid speculation that the program might actually end up endangering users instead of protecting them. The thought process was simple: If Microsoft released valuable vulnerability data outside the castle walls, even 24 hours early, it would benefit cyber criminals more than customers. The fear was that the information would leak and speed up the creation of more and better exploits that would be released in the wild.

That speculation was squashed pretty quickly and the program has been running efficiently ever since.

There have been some unconfirmed rumors about MAPP leaks in the past, but none of them have been as brazen and obvious as yesterday's RDP proof-of-concept exploit code leak.

Microsoft hasn't directly pinpointed that there is a leak in the program, but they have acknowledged a potential problem (to the degree the Microsoft PR machine allows).

[ SEE: Microsoft confirms MAPP exploit code leak ]

Here's a quote from Microsoft's post:

"The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements."

So, what might this mean for the future of MAPP?

Well, probably not much. There will be people calling for Microsoft to scrap MAPP, but considering the market value of the information shared with MAPP partners, one confirmed leak in four years is a pretty impressive track record.

As an optimist, I think this incident just underscores the motivation of almost everyone in security to work together to reduce customer risk and improve information security programs.

* Andrew Storms is nCircle’s Director of Security Operations. He is responsible for the definition and enforcement of the company’s security compliance programs as well as overseeing day-to-day operations for the Information Technology department.

Topics: Security, Microsoft
