Development of a Security Update
Once product support or the MSRC identifies the need for a security update, the development process begins. This process differs for operating systems and applications, but the same general method is used:
The vulnerability identified by MSRC or the bug identified by product support is escalated to the Microsoft sustained engineering team.
The sustained engineering team investigates the bug and assigns it to a developer. The developer might be on the sustained engineering team or might be the core team developer responsible for the operating system or application component.
The developer creates an initial security update. This security update addresses the vulnerability or bug but does not undergo testing other ...
Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
