http://spiresecurity.com/?p=148 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 http://spiresecurity.com/?p=148&cpage=1#comment-165 Josh Fri, 08 Aug 2008 14:58:31 +0000 http://spiresecurity.com/blog/?p=148#comment-165 Personally I think Microsoft should by default just list a criticality label for the whole vulnerability to avoid confusion and noise. That said, Microsoft already has a full DREAD rating for the vulnerability internally, and they could display that in a div that is hidden by default but displayed when an advanced user clicks on a “show details” link or something similar. That way advanced users could make patch decisions based off of the specific details if they chose, but less advanced users wouldn’t be confused.

]]>