Microsoft reduces exploitability by being 'open'
Microsoft today is releasing a pair of new security efforts that are all about being more open when it comes to security.
Project Quant is a new open community effort that is tasked with developing an update management cost model while the Microsoft Office Visualization Tool (OffVis) are about ensuring you don't get Rick Rolled (i.e hit by a an office borne virus).
Both of those are good new ideas though the biggest thing that Microsoft has done in recent years to improve exploitabilty in my opinion has been to actually define exploitability.
A year ago, Microsoft rolled out its Microsoft Exploitability Index and the Microsoft Active Protections
Program (MAPP) as efforts to provide new visibility into security
vulnerabilities that affect Microsoft products.
