US-CERT security and threats

Write a report of around 3500 words that covers:

•The type of organisations and communities that contribute to resources such as the US-CERT security bulletins.

•Good and bad practices of vulnerability exposure.

•Whether or not there is compensation for vulnerability discovery.

•Two different recent operating system security patches and two different recent application security patches for common operating systems and applications. For each case:

Describe in detail the vulnerability and the potential or actual damage caused.

The description should demonstrate that you understand the problem and how it works and explain it in your own words.  Copying descriptions or paraphrasing them will NOT be acceptable. 

Describe details of how and why the initial workaround mitigated the problem prior to it being fixed.

How the vulnerability was discovered and whether or not it was actually exploited.