Microsoft Patches: When Silence Isn't Golden

The software maker admits to withholding details on security vulnerabilities to protect customers from bad guys, but critics say that policy increases the risk for everyone.

Microsoft has 'fessed up to hiding details on software vulnerabilities that are discovered internally, insisting that full disclosure of every security-related product change only serves to aid attackers.

The company's admission follows criticisms from a security researcher that its policy of silently fixing software flaws is "misleading" and not in the spirit of Microsoft's push for transparency. Microsoft Patches: When Silence Isn't Golden

Linked by shanmuga Saturday, 22nd April 2006 3:13AM