Bill Aims to Clarify When and How the Government Discloses Software Vulnerabilities

Nextgov: On the heels of a major ransomware attack that first plagued the national health service in Britain and then spread globally, U.S. lawmakers want to codify the process by which the government shares newly discovered vulnerabilities with software vendors and the public.

A bipartisan group of senators introduced a bill that directs federal leaders to come up with a more transparent process for determining when those vulnerabilities should be disclosed. The process would consider how damaging the vulnerabilities would be if exploited by criminals and foreign intelligence, and the potential consequences for vendors and consumers who could be targeted.

Read article