/>
X

Does one bad apple spoil Microsoft's vulnerability sharing program?

Andrew Storms: There will be people calling for Microsoft to scrap MAPP but considering the market value of the information shared with MAPP partners, one confirmed leak in four years is a pretty impressive track record.
ryan-naraine.jpg
Written by Ryan Naraine, Contributor on

Guest editorial by Andrew Storms

When Microsoft first announced the Microsoft Active Protections Program (MAPP) in 2008, there was a lot of valid speculation that the program might actually end up endangering users instead of protecting them. The thought process was simple: If Microsoft released valuable vulnerability data outside the castle walls, even 24 hours early, it would benefit cyber criminals more than customers. The fear was that the information would leak and speed up the creation more and better exploits that would be released in the wild.

That speculation was squashed pretty quickly and the program has been running efficiently ever since.

There have been some unconfirmed rumors about MAPP leaks in the past, but none of them have been as brazen and obvious as yesterday's RDP proof-of-concept exploit code leak.

Microsoft hasn't directly pinpointed that there is a leak in the program, but they have acknowledged a potential problem (to the degree Microsoft PR machine allows).

[ SEE: Microsoft confirms MAPP exploit code leak ]

Here's a quote from Microsoft's post:

"The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements."

So, what might this might mean for the future of MAPP?

Well, probably not much. There will be people calling for Microsoft to scrap MAPP but considering the market value of the information shared with MAPP partners, one confirmed leak in four years is a pretty impressive track record.

As an optimist, I think this incident just underscores the motivation of almost everyone in the security to work together to reduce customer risk and improve information security programs.

* Andrew Storms is nCircle’s Director of Security Operations. He is responsible for the definition and enforcement of the company’s security compliance programs as well as overseeing day-to-day operations for the Information Technology department.

RELATED:

Related

He flew American Airlines, she flew United. For both, the unthinkable happened
screen-shot-2022-06-30-at-10-14-36-am.png

He flew American Airlines, she flew United. For both, the unthinkable happened

Business
Southwest Airlines has cancelled 20,000 flights. Now for the really bad news
screen-shot-2021-07-07-at-4-01-12-pm.png

Southwest Airlines has cancelled 20,000 flights. Now for the really bad news

Business
McDonald's and Chick-fil-A both have a big problem. Only one has a solution
screen-shot-2022-06-28-at-6-24-27-pm.png

McDonald's and Chick-fil-A both have a big problem. Only one has a solution

Business