Tuesday, 29 August 2006
Be Warned of Upcoming Bugs In Microsoft, CA, Symantec |
| |
|
| |
TippingPoint has marked the one year anniversary of the Zero Day Initiative (ZDI) inception by announcing it will begin publishing statistics on all vulnerabilities pending public disclosure on the Zero Day Initiative web site. These 29 unresolved issues have been reported to the Zero Day Initiative, and are currently being addressed by the affected vendors.
Since launching the Zero Day Initiative portal on August 30 2005, zero day threats have been addressed by ensuring details regarding unknown or undisclosed vulnerabilities remained confidential until the issue could be disclosed with the affected vendor's solution or patch. Of these 30 issues, seven involve widely used Microsoft software products. Other Zero Day Initiative vulnerabilities over the last year have also affected vendors including Mozilla, Symantec, Novell, Adobe, and Apple to name a few.
Over 400 security researchers are now signed up to the ZDI program, in addition to the original research being performed by the TippingPoint security research team (TSRT). The TSRT shares statistics of its pending vulnerability advisories on the TippingPoint site, and has discovered 16 zero day vulnerabilities over the last year, including three Microsoft issues.
"Over the past year, the most resounding suggestion from our Zero Day Initiative researchers was to add more transparency to our program by publishing the pipeline of vendors with pending zero day vulnerabilities," said David Endler, director of security research for TippingPoint. "We've been pleased with the progress we have made acting as an intermediary between security vendors and researchers, ultimately working together to help protect the vendor's customers from emerging zero-day exploits while appropriately rewarding the researcher."
|
| |
|
|
| |
|
|
| |
|
|
| |
|
