LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

RHEL, kernel vulnerabilities, and days of risk

RHEL, kernel vulnerabilities, and days of risk

Posted Mar 28, 2005 17:16 UTC (Mon) by giraffedata (subscriber, #1954)
In reply to: RHEL, kernel vulnerabilities, and days of risk by Ross
Parent article: RHEL, kernel vulnerabilities, and days of risk

What you say would only be true if the only way to find out about the vulnerability were from Microsoft.

You misread my comment. When I said "if Microsoft can keep vulnerabilities secret," I didn't mean if Microsoft can avoid telling people about them (though I understand that's sometimes what "keep secret" means). I meant if Microsoft can keep the vulnerabilities from becoming general knowledge.

To the extent that Microsoft can't do that, because other people find and expose the vulnerabilities, my comment doesn't apply.

But the article suggests that Microsoft can to some extent keep the vulnerabilities secret, because it says Microsoft lessens its "days of risk" measurement by not disclosing bugs.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds