Security researchers find vulnerabilities in products; it’s an important and almost inevitable part of the job. One of the side effects of these discoveries is that often new, unfixed zero day vulnerabilities are identified which the affected vendor may not be aware of. This can present a somewhat difficult situation: What should be done with a new vulnerability that nobody else knows about yet? Continue reading