Microsoft Fights Back Against Zero-Day Exploits with MAPP, Exploitability Index


Microsoft announced two new security programs at the Black Hat USA 2008 Conference :

  • Microsoft Active Protections Program (MAPP)
  • Microsoft Exploitability Index

MAPP provides advance notification to third-party security providers of vulnerabilities that are being addressed by Microsoft security updates, such as the ones rolled out each month on "Patch Tuesday." MAPP is designed to help stop exploits that are launched between the announcement of upcoming patches and the availability of patches. MAPP starts in October, according to eWeek.

Security providers can learn more about MAPP by downloading the fact sheet (MS Word 97-2003 format). For additional insight from a former military and government security specialist who now works for Microsoft, see Steve Adegbite's blog entry about MAPP.

The Microsoft Exploitability Index will provide ratings of how likely each vulnerability is to being successfully exploited. The index will rate each vulnerability at one of three levels:

  • Consistent exploit code likely
  • Inconsistent exploit code likely
  • Functioning exploit code unlikely

Microsoft's fact sheet suggests (MS Word 97-2003 format) that vulnerabilities with the "Consistent" rating should be treated as the most serious threats, followed by the others. To get more insight into the need for this index, see Microsoftie Mike Reavey's blog entry (Reavey is part of the Microsoft Security Response Center). The index will be included with each new security bulletin, also starting in October.

Do you think MAPP and the Exploitability Index will help the industry stop hackers, or at least slow them down a bit? Your thoughts wanted!

Around the web