TippingPoint gives vendors six months to fix holes

Some software vendors are taking too long to fix flaws in their products so the Zero Day Initiative is giving them a deadline for the first time.

As of Wednesday, software vendors will have a deadline to fix vulnerabilities reported to them by TippingPoint's Zero Day Initiative rather than allowing holes to remain unpatched indefinitely.

Vendors will be required to fix the holes within six months, said Aaron Portnoy, manager of security research at TippingPoint, owned by Hewlett-Packard. TippingPoint runs the Zero Day Initiative, which acts a broker paying researchers for information on vulnerabilities and then providing the information to the vendors so they can fix them.

Extensions to the deadline will be given on a case by case basis, he said. If they don't fix the hole within six months and haven't received an extension, TippingPoint will release limited details on the vulnerability, along with mitigation information so organizations and consumers who are at risk from the hole can protect themselves, he added.

There are more than 120 vulnerabilities that TippingPoint has reported to vendors that have not been patched yet, and quite a few of them are older than a year, according to Portnoy.

With the deadline, TippingPoint is "hoping for quicker turnaround times" for fixes, he said.

CNET will take a deeper look at the news in an article on Wednesday.

Tags:
Security
About the author

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
10 mobile gadgets gone gonzo (pictures)
Apple in 2014: iPhone 6, iCloud hack, Beats and more (pictures)
The 12 most distinctive phones of 2014 (pictures)
Best mobile games of 2014
Nissan gives new Murano bold style (pictures)
Top great space moments in 2014 (pictures)