Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. http://sfsecurity.pr.erau.edu

When product users find a buffer overflow and alert authorities, a flurry of patching occurs:
• An alert goes to the vendor and official sites like cert.org
• A confirmation, analysis, and explanation goes out to vendors and users as an advisory

