"Security tools vendor ISS has promised to handle security
vulnerabilities affecting open source and Windows platforms the
same way following criticism of its premature disclosure of open
source security problems.
"In recent months, sections of the security community allege
that ISS has jumped the gun in releasing information on flaws
within a Solaris font daemon, BIND and (most notably) Apache ahead
of the widespread availability of a fix. Critics argue ISS acted
out of self-promotion rather than the interests of the wider
"ISS strongly denies this but admits to mistakes in its approach
which it addresses through revised vulnerability disclosure
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.