from the somebody's-got-a-case-of-the-patch-tuesdays dept.
Pigskin-Referee writes "Microsoft has expanded its vulnerability disclosure policy to include not only those in its own products, but also flaws in third-party software that runs on Microsoft operating systems. These will follow the same practices as the advisories issued for Microsoft's products, and it makes sense, because many users look to Microsoft to ensure that their computers are secure, even when the problem lies with a third-party program. The company will contact and coordinate with the third-party vendor before an advisory is issued."
"If you want to eat hippopatomus, you've got to pay the freight."
-- attributed to an IBM guy, about why IBM software uses so much memory