Microsoft recently released two documents to the security research community that describe in detail, for the first time, how it classifies and handles Windows security flaws.
These documents were compiled over the past year by the Microsoft Security Response Center (MSRC), the division responsible for receiving and handling security vulnerability reports concerning Microsoft products.
Drafts of the two documents were reportedly released in June this year in order to gather feedback from the security research community and the wider security industry. The versions released this week are the final ones and contain a large amount of updated information.
The first document is a web page named "Microsoft Security Servicing Criteria for Windows". It mainly explains which types of Windows flaws are normally serviced through urgent security updates on "Patch Tuesday", and which flaws are left to the main Windows development group to fix in the twice-yearly (bi-annual) Windows operating system releases.
The document divides its content into three main categories: security boundaries, security features, and defense-in-depth security features.
Security boundaries cover the cases that Microsoft considers a clear violation of its data access policy. For example, a bug report describing how a non-administrator user-mode process can obtain kernel-mode data access permissions would be regarded as a "security boundary" violation, in this case falling under the "kernel boundary". Microsoft lists nine security boundaries: the network, kernel, process, AppContainer sandbox, user, session, web browser, virtual machine, and virtual secure mode boundaries.
Security features are the flaw reports concerning features in applications and other parts of the operating system that strengthen security and the security boundaries, for example flaw reports in BitLocker, Windows Defender, Secure Boot and similar components.
Flaw reports in the first two categories are almost always classified as "security flaws", and Microsoft's teams try to fix them with immediate patches delivered through the monthly "Patch Tuesday" security updates.
The last category, defense-in-depth security features, consists of what Microsoft considers robustness features: they are not on the same level as the previous two categories and only provide "additional security". Defense-in-depth security features include User Account Control (UAC), AppLocker, Address Space Layout Randomization (ASLR), Control Flow Guard (CFG) and others.
Bug reports in defense-in-depth features are normally not serviced through "Patch Tuesday" updates; instead they are recorded, and a patch is supplied later when there is a need for one.
The second document Microsoft released is a PDF that describes how Microsoft classifies bug reports by severity rating. It defines which bugs are judged critical, which are judged important, which are judged moderate and which are judged low risk.
For example, a bug that allows unauthorized access to the file system and persisting data on disk is labelled a critical flaw, whereas a denial-of-service bug that merely requires restarting the affected program is regarded as a low-risk flaw.
In the past few years Microsoft has been criticized many times for failing to fix certain flaws promptly after researchers reported them.
The purpose of these documents is to clarify the whole process for security researchers, the media, system administrators and ordinary users. Like any other company, the Microsoft Security Response Center (MSRC) has limited resources; these documents let the information security community understand the process Microsoft staff follow when examining and deciding how to handle a security flaw at an early stage.
Regarding the two published documents, Microsoft said: "We hope this documentation can be a 'living' document that keeps improving as time passes, and we look forward to continuing the conversation on this topic with the security community."
The original documents in which Microsoft announces its classification of Windows security flaws and its handling approach can be found at: