Security Fix: Microsoft to Open Kimono on Security Patches
Brian Krebs writes on Security Fix:
In a bid to help the security industry stay a step ahead of cyber crooks, Microsoft will release additional details behind the vulnerabilities it patches each month to anti-virus companies and other large vendors of Windows security software.More here.
While Microsoft already provides a brief fact sheet of which components of Windows will be fixed prior to its regular patch releases on the second Tuesday of each month, known as "Patch Tuesday," security vendors say additional details will help them more swiftly update their software to detect the latest attacks.
In particular, software companies rarely have enough time to develop attack "signatures," snippets of code or Internet traffic, that when found on a network or PC could indicate an attacker is trying to leverage the flaws.
Under a new program starting with October's Patch Tuesday cycle, Microsoft will begin releasing technical details that should allow security vendors to very quickly develop those signatures and gain a head start before the crooks learn to exploit the vulnerabilities.