Microsoft to share vulnerability details with governments

Microsoft today announced plans to share pre-patch details on software vulnerabilities with governments around the world under a new program aimed at securing critical infrastructure and government assets from hacker attacks.

Microsoft today announced plans to share pre-patch details on software vulnerabilities with governments around the world under a new program aimed at securing critical infrastructure and government assets from hacker attacks.

The program, codenamed Omega, features a Defensive Information Sharing Program (DISP) will offer governments entities at the national level with technical information on vulnerabilities that are being updated in our products.

Microsoft's Steve Adegbite explains:

follow Ryan Naraine on twitter

We will provide this information after our investigative and remediation cycle is completed to ensure that DISP members are receiving the most current information. While this process varies from issue to issue due to the complex nature of vulnerabilities, disclosure will happen just prior to our security update release cycles.

Microsoft currently shares technical information on vulnerabilities with select security companies ahead of Patch Tuesday under the MAPP program.

The company also announced a second information sharing program called the Critical Infrastructure Partner Program (CIPP) that aims to "provide valuable insights on security policy, including strategies, approaches to help aid the protection efforts for critical infrastructures," according to Adegbite.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All