In June this year, Microsoft delivered a draft copy of its very first Security Servicing Criteria for Windows. This policy document was to serve as transparent evidence on how the company will work with security researchers and customers to display the criteria used for determining when reported vulnerability will be addressed through a security update.
After feedback and modifications, today, Microsoft has delivered the first version of the Security Servicing Criteria for Windows.
Full doc: Security Servicing Criteria for Windows
And, as part of this release, Microsoft is also releasing the Microsoft Vulnerability Severity Classification for Windows document. That document is available for download from HERE.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!