Write a report of around 3500 words that covers:
- The type of organisations and communities that contribute to resources such as the US-CERT security bulletins.
- Good and bad practices of vulnerability exposure.
- Whether or not there is compensation for vulnerability discovery.
- Two different recent operating system security patches and two different recent application security patches for common operating systems and applications. For each case:
- Describe in detail the vulnerability and the potential or actual damage caused
- The description should demonstrate that you understand the problem and how it works and explain it in your own words. Copying descriptions or paraphrasing them will NOT be acceptable.
- Describe details of how and why the initial workaround mitigated the problem prior to it being fixed.
- How the vulnerability was discovered and whether or not it was actually exploited.