solution-
answer 1 - the thing that google have done differently should be that they must not release software vulnebarities with exploit code instead they must provide advisory for the vulnerabilities and microsoft must try to improve its bug in meantime instead of asking for more time.
answer 2 - yes the release is good at some extent as it awares users of the bug or software vulnebarities but it must be realeased without the explicit code but google disclosure policy is good for users in long run.
answer 3 -the google 90 day ploicy is good but it should be adjusted according to the situation as sometimes required time is genuine.
answer 4 - no sticking to the patch tuesday is not right they must try to release the patch as early as possible
answer 5- the google must not publish the exploit code as it is dangerous and make its unsecure and hackers can attack it
Introduction The debate over “responsible” disclosure of software vulnerabilities has been a mainstay in the security...
"Security Updates" for software (e.g., Microsoft Windows operating systems, Adobe Flash Player, etc.) and firmware (e.g., firmware in a home use, consumer 'Wi-Fi Router') are designed to patch (fix) vulnerabilities. True False A company is the victim of a cyber attack in which a previously unknown vulnerability in a webserver is exploited. Which statement is true? The company that was attacked will immediately find information on the vulnerability in the National Vulnerability Database (NVD). This attack is known as a...
ans that has not been repeated needed!! Global GamingSesamWare is a Japanese software company responsible for the most popular open source software available on the market today. In operation since the mid-1990s, SesamWare initially gained international acclaim with an online, multiplayer, fantasy dimension game called Parallelworld. Parallelworld was the most popular game in the world between 2004 and 2007, with over 300 million worldwide gamers at its peak in 2006. Today, the SesamWare software—initially installed as part of the bundle...
Ans that has not been repeated needed!! Global GamingSesamWare is a Japanese software company responsible for the most popular open source software available on the market today. In operation since the mid-1990s, SesamWare initially gained international acclaim with an online, multiplayer, fantasy dimension game called Parallelworld. Parallelworld was the most popular game in the world between 2004 and 2007, with over 300 million worldwide gamers at its peak in 2006. Today, the SesamWare software—initially installed as part of the bundle...
IT's About Business 4.1 The Heartbleed Bug What Is Heartbleed? OpenSSL, an open-source software package, is a popular type of transport layer security (TLS) software (discussed later in this chapter) that secures numerous websites around the world. Web servers use OpenSSL to encrypt sites. Such sites show up in browsers with a “lock” icon and the “https” prefix in the address bar. The encryption protects Internet sites offering banking, shopping, email, and other private communications. Roughly two out of three...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...
TRUE/FALSE QUESTIONS: Foundations of Information Security and Assurance 1. There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program. 2. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to over-lapping access, use, and replacement of shared values. 3. The biggest change of the nature in Windows XP SP2 was to change all anonymous remote procedure call (RPC)...
CASE 8 Unlocking the Secrets of the Apple iPhone in the Name of access the male San Bernardino suspect's iPhone 5c. Cook stated: Antiterrorism We are challenging the FBI's demands with the deepes respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications While we believe the FBI's intentions are good, if would be wrong for the w e nt to force...