HP's TippingPoint subsidiary has announced a new initiative under which it will release data on software flaws six months after notifying the vendor.
The vulnerability research organisation said that if it has not heard back from a manufacturer about a reported flaw within six months, it will release data on the problem to its customers along with a workaround.
Full disclosure under the Zero Day Initiative will follow, unless an extension to the deadline is worked out in advance.
"Comprehensive protection of critical data assets requires organisations to keep their defences up to date as malicious activity reaches new levels and applications become more complex," said Aaron Portnoy, manager of security research at TippingPoint.
"This policy change is critical for staying ahead of threats so that users can reduce data, financial and productivity loss."
"Microsoft advocates co-ordinated vulnerability disclosure, where vendors and finders work together closely towards a resolution," said Dave Forstrom, director of Microsoft's Trustworthy Computing Group.
"Extensive efforts should be made to make a timely response, and only in the event of active attacks is public disclosure, focused on mitigations and workarounds, likely to be the best course of action. Even then it should be co-ordinated as closely as possible."
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches