Discover Vendors/Products News
MS to force IT-security censorship
Terms of the partnership agreement include provisions which would enjoin partners from releasing 'detailed' vulnerability data over a 'blackout' period. Our information is in conflict here; we've heard that the blackout could be 45 days, a la CERT, or as long as six months, or indefinitely, until a fix is developed.
It's likely that several drafts of the agreement are in circulation, and this uncertainty indicates the minimum and maximum periods currently under consideration.