We present a model of fixing or patching a software problem after the product has been released in the market. Specifically, we model a software firm's trade-off in releasing a buggy product early and investments in fixing it later. Just as the marginal cost of producing software can be...

Software vulnerabilities represent a serious threat to cyber security: most cyber-attacks exploit known vulnerabilities. Unfortunately, there is no agreed-upon policy for their disclosure. Disclosure policy (protected period given to a vendor to patch the vulnerability) indirectly affects the...