Month of bugs

Template:Short description Template:Use dmy dates

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations.

Researchers have started such a project for software products where they believe corporations have shown themselves to be unresponsive and uncooperative to security alerts. Responsible disclosure is not working properly, and then find and disclose one security vulnerability each day for one month.

Examples

The original "Month of Bugs" was the Month of Browser Bugs (MoBB) run by security researcher H. D. Moore.^[1]

Subsequent similar projects include:

• The Month of Kernel Bugs (MoKB) which published kernel bugs for Mac OS X (now macOS), Linux, FreeBSD, Solaris and Windows, as well as four wireless driver bugs.^[2][3][4]
• The Month of Apple Bugs (MoAB) conducted by researchers Kevin Finisterre and LMH which published bugs related to Mac OS X.^[5][6][7]
• The Month of PHP Bugs sponsored by the Hardened PHP team which published 44 PHP bugs.^[8][9][10]

See also

• Fuzz testing
• Metasploit Project
• Vulnerability (computing)

References

<templatestyles src="Reflist/styles.css" />

Script error: No such module "Check for unknown parameters".

Further reading

<templatestyles src="Refbegin/styles.css" />

External links

• Month of Kernel Bugs (MoKB) archive
• Kernel Fun: Month of the Kernel Bugs blog
• Month of Apple Bugs (MoAB) archive
• Apple Fun: Month of the Apple Buggs blog
• Info-pull.com blog: A complementary blog from the hosts of MoKB and MoAB
• The Month of PHP Security