Tech
CERT to disclose security flaws in 45 days
Starting on Monday, the Computer Emergency Response Team, or CERT, Coordination Center will begin disclosing the technical details of security flaws 45 days after they are first notified of the problem, the center announced this week. The move is significant in that "open disclosure" of vulnerabilities is still part of a controversial debate in the software industry because companies like to have as much time as possible to fix any flaws in applications.
Starting on Monday, the Computer Emergency Response Team, or CERT, Coordination Center will begin disclosing the technical details of security flaws 45 days after they are first notified of the problem, the center announced this week. The move is significant in that "open disclosure" of vulnerabilities is still part of a controversial debate in the software industry because companies like to have as much time as possible to fix any flaws in applications. In some cases, where the vulnerability is in critical systems, the disclosure date may be before or after the normal 45-day period, said CERT/CC. -- Robert Lemos, ZDNet News