Abstract
: Today more than ever, timely response to vulnerabilities is critical to maintain the operational availability, confidentiality, and integrity of information technology (IT) systems. To assist federal agencies and industry respond to vulnerabilities in a timely manner, ITL recently released two new publications dealing with vulnerabilities in computer systems: NIST Special Publication (SP) 800-40, Procedures for Handling Security Patches, by Peter Mell and Miles C. Tracy, and NIST SP 800-51, Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme, by Peter Mell and Tim Grance. This ITL Bulletin summarizes these two documents on system vulnerabilities, available at
http://csrc.nist.gov/publications/nistpubs/index.html.