In a government news release Department for Science, Innovation and Technology said its Vulnerability Monitoring System has cut identification and remediation of DNS vulnerabilities in UK public sector sites from an average of 50 days to eight.
KEY FACTS
- System Vulnerability Monitoring System automates vulnerability scanning of public sector sites
- Scope Approximately 6,000 websites scanned
- Checks Configured to check about 1,000 vulnerabilities
- DNS fix time DNS vulnerability remediation reduced from 50 days to eight days
- Throughput Around 400 confirmed vulnerabilities resolved per month
VMS uses a combination of commercial and proprietary scanning tools to detect vulnerabilities and DNS configurations that could be compromised. The system runs continuous scans across public sector domains.
Deployment metrics include a reduction in median time to fix other issues from 53 days to 32 days and a 75 percent cut in the backlog of critical domain related vulnerabilities. The programme has averaged resolving roughly 400 confirmed vulnerabilities each month since launch.
The report also includes a new career pipeline intended to motivate security professionals to seek roles at the department and the UK National Cyber Security Centre. The initiative aims to protect essential public services.
Mozilla‘s Firefox 148 includes a Sanitizer API that replaces innerHTML assignments with setHTML to strip active HTML and mitigate DOM cross site scripting. The API is limited to client side DOM XSS and cannot prevent reflected or stored XSS attacks.
A policy statement from the US Federal Trade Commission exempts operators who collect minors’ personal data for age verification from COPPA enforcement when the data is handled properly, parents are notified, and retention is limited.
WHY IT MATTERS
Faster detection and remediation of DNS and other public sector vulnerabilities reduces the window for exploitation and can limit disruption to public services. The new screening and hiring measures aim to sustain those improvements over time.