United States: Vulnerability sales help secure Microsoft.Byline: Mamta03 The Zero Day Initiative, TippingPoint's bug bounty bounty, payment made by a government bounty, amount paid by a government for the achievement of certain economic or other goals. It often takes the form of a premium paid for the increased production or export of certain goods. program, spends 30 percent of its effort helping Microsoft mitigate bugs in its Windows operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. and applications, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. data posted online on Thursday. The data, part of a presentation given by ZDI's Pedram Amini last month, shows that about a quarter of the bugs accepted by ZDI ZDI Zero Day Initiative (3Com/Tippingpoint) since its launch in August of 2005 were vulnerabilities in Microsoft software. The group has only accepted about 30 percent of the 1,900 flaws submitted by researchers for all software. "That's 33 Microsoft critical issues we are responsible for disclosing on average per year," Amini wrote on ZDI's blog. "As Microsoft accounts for most of our purchases it is no surprise that they account for most of our expenditures as well -- 30 percent." Flaws in Apple software came a distant second to Microsoft, accounting for only 8 percent of the group's research expenditures, he stated. The research also showed that the Mozilla Foundation (body, World-Wide Web, open source) Mozilla Foundation - The body set up by Netscape in January 1998 to coordinate development of the Mozilla browser and to provide a point of contact. Mozilla Home. led the industry with the fastest vendor response time overall. The developer of the Firefox browser browser Software that allows a computer user to find and view information on the Internet. The first text-based browser for the World Wide Web became available in 1991; Web use expanded rapidly after the release in 1993 of a browser called Mosaic, which used averaged 48 days from notification to patch. Apple came in second, with an overall average of 91 days from notification to patch. Microsoft hovered at the center of the pack at 197 days, while Symantec, the owner of SecurityFocus, sported the worst performance -- 307 days on average. Hewlett-Packard, Microsoft and IBM Many people are too new to the computer industry to remember that IBM once occupied the lofty position that Microsoft currently enjoys. Today, it's a Microsoft versus The Rest of the World computer industry. Yesterday, it was IBM versus everybody else. posted records for the longest time to fix a vulnerability. HP placed first and second with two vulnerabilities that continue to be outstanding at 1,071 days and 911 days. Microsoft held the third and fourth positions with two vulnerabilities, since patched, that had remained outstanding for 875 days and 866 days, respectively. IBM's worst response time is an issue that remains outstanding after 847 days. "The presented data was our first unveiling of a vendor 'report card,'" stated Amini. "Within the next month or so, we intend on creating a permanent home on the ZDI website with all these statistics and more." Copyright : Euclid Infotech Pvt. Ltd. Provided by Syndigate.info an Albawaba.com company |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion