Exposure of software vulnerabilities on Twitter: Analyzing vendors’ behavior of releasing software patches

Abstract

Software vulnerabilities shared and discussed on social media platforms alert malicious users about the existence of vulnerabilities and increase the risk of exploits. In this study, we build a hazard model to explain the effect of social media exposure of software vulnerabilities on vendors’ behavior towards releasing patches. We collect data from multiple sources, including the United States Computer Emergency Readiness Team (US-CERT), the National Vulnerability Database, vendor websites, and Twitter. The results suggest that social media exposure, measured as retweet count, accelerates releasing the patches for immediately disclosed vulnerabilities. Patches are further expedited if the tweets discuss the root-cause or exploit details. Vulnerabilities shared by credible sources are patched faster. Additionally, vulnerability characteristics, such as a higher impact on confidentiality, integrity, or availability and a higher severity level, lead to faster patches. Finally, vulnerabilities that can be exploited remotely are patched faster. Overall, our findings illustrate that social media exposure exacerbates the pressure on vendors to release patches quickly. Thus, policymakers and discoverers can use social media as a tool to further influence vendor behavior in socially desirable ways.