“The questionable handling of a fix for a recent widespread
software vulnerability has some administrators worried that
developers can’t be trusted to make security a top priority.“Last week, the Internet Software Consortium withheld the patch
for a critical flaw in the domain name system (DNS) software from a
large number of researchers, asking instead that each person send
the organization an e-mail request in order to get the fix. The
software, known as the Berkeley Internet Name Domain (BIND)
program, performs a critical function as the address book for the
Net…“The ISC’s flub is the latest incident to call into question
whether software companies, security researchers, and open-source
development groups can be relied on to responsibly handle the
vulnerabilities found in the software that forms the foundation of
the Internet…”
CNET News: Patch Slipup Raises Security Questions
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis