Microsoft has published documentation that reveals how is classifies the severity of vulnerabilities in Windows, as well as detailing how it decides whether problems should be addressed with a security patch or in the next version of Windows. The first batch of documentation shows for the first time how Microsoft defines "the criteria around security boundaries, features and mitigations in Windows". In releasing details of its severity classifications -- something known as the bug bar -- the company says that it is offering a "new level of transparency with the research community and our customers". See also: Malware writers exploit…
[Continue Reading]