Back in August the Zero Day Initiative, a program founded by HP’s TippingPoint, announced that they would be making changes to their process due to vulnerabilities whichÂ Â seemed to hang around forever. Because the timeline for disclosure of vulnerabilities had been controlled by the vendors, some appear to drag their feet on patching them. Anyone who has seen the Stack of Shame over onÂ HNN knows what they mean. To avoid this, the ZDI implemented a six month deadline, after which details of the vulnerability would be publicly disclosed.
Well, the six month birthday has hit for some vulnerabilities, and the ZDI has started releasing the information on vulnerabilities for some big name vendors such as Microsoft, CA, Novell, SCO and even TippingPoint’s parent, HP.
The details are available over at TippingPoint’s DVLabs blog.