|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-05-30 20:51:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Google: Disclosure timeline for vulnerabilities under active attack
Google has announced
that it will be disclosing information on actively-exploited
vulnerabilities after seven days. "Seven days is an aggressive
timeline and may be too short for some vendors to update their products,
but it should be enough time to publish advice about possible mitigations,
such as temporarily disabling a service, restricting access, or contacting
the vendor for more information. As a result, after 7 days have elapsed
without a patch or advisory, we will support researchers making details
available so that users can take steps to protect themselves."
Google has announced
that it will be disclosing information on actively-exploited
vulnerabilities after seven days. "Seven days is an aggressive
timeline and may be too short for some vendors to update their products,
but it should be enough time to publish advice about possible mitigations,
such as temporarily disabling a service, restricting access, or contacting
the vendor for more information. As a result, after 7 days have elapsed
without a patch or advisory, we will support researchers making details
available so that users can take steps to protect themselves."
