Bug Bounties Uncover 1 in 4 Microsoft Flaws


Nearly a quarter of the vulnerabilities patched by Microsoft on Tuesday were discovered by researchers paid bounties by a pair of security companies, one of the vendors said Thursday.

Of the 21 flaws fixed by the 12 security updates issued Tuesday, 5 were credited to bug bounty programs run by Reston, Va. based VeriSign iDefense and Austin, Texas based 3com TippingPoint.

"It was really interesting to look at the overall bulletins Tuesday," said Mike Sutton, the director of VeriSign iDefense Labs. "The market is changing, and people are recognizing that there is value in vulnerabilities." Dark Reading - Application and Perimeter Security - Bug Bounties Uncover 1 in 4 Microsoft Flaws - Security

Linked by shanmuga Sunday, 18th June 2006 2:06AM