QOTD on Disclosure

Thinking that there's no one else out there who knows the details of a given zero-day flaw is one of the things that leads to ridiculously long gaps between disclosure and the release of a patch. Even in the case of a vulnerability for which all of the details aren't public, a bit of information combined with a short window of time before a patch is available can give attackers the head start they need to launch mass exploits.
-- Dennis Fisher, Editor at ThreatPost

Src: Why Vulnerability Research Matters | threatpost

No comments: