2015/01/11 : Microsoft made a call for better coordinated vulnerability disclosure after that "Google has released information about a vulnerability in a Microsoft product, two days before [their] planned fix on [their] well known and coordinated Patch Tuesday cadence, despite [their]...Read more
2001/10/21 : Levy gives his point of view on Culp essay : "It appears Culp is more comfortable with an 'information dictatorship' or 'information oligarchy' model, and has entirely missed the fact that the movie house ...Read more
2011/04/19 : Microsoft publishes a paper on CVD to explain in more details how it is working.
"Today, we’re providing more transparency and insight into our disclosure philosophy by announcing three updates to our disclosure practices – a CVD at Microsoft document, MSVR...Read more
2013/07/10 : Here is the Microsoft first Bounty Notification after they finally decide to launch their bug bounty.
This artifact is part of the Microsoft Vulnerability Disclosure Bundle.Read more
2003/04/22 : Stephen A. Shepherd define what is responsible disclosure and make a summary of vulnerability disclosure history at this stage.Read more
2003/11/23 : "Security pros gathering at a Stanford University Law School conference on responsible vulnerability disclosure Saturday harmonized on the principle that vendors should be privately notified of holes in their products, and given at least some time to produce a patch before any...Read more
2008/08 : Microsoft create the Microsoft Vulnerability Research Program (MSVR).Read more
2010/07/22 : "Today on the MSRC [Microsoft Security Response Center] blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated...Read more