Microsoft and other software makers met with several computer-security companies Thursday to hash out the last details of a group that will set guidelines for reporting software flaws that affect Internet security. Currently named the Organization for Internet Safety, the group . . .

Microsoft and other software makers met with several computer-security companies Thursday to hash out the last details of a group that will set guidelines for reporting software flaws that affect Internet security. Currently named the Organization for Internet Safety, the group is still in flux, with members and rules not yet finalized, said sources knowledgeable with the discussions. The talks took place here, at the RSA Conference 2002.

Stuart McClure, OIS member and president and chief technology officer of digital-security company Foundstone, wouldn't give details about the meeting but confirmed that no form has been settled on for the organization. He did say that such a group is sorely needed by the security industry.

"There is no unified procedure, policy or expectation for software companies today regarding vulnerability disclosure," McClure said. "This will help clarify."

The link for this article located at CNET is no longer available.