I would say that Microsoft has quite extensive experience in this particular topic. We'd certainly be happy to consult and to inform some views on that particular topic following this committee meeting.
We certainly encourage confidential vulnerability disclosure. We work with a community and have fostered a community with security researchers around the world. We have extensive bug bounty programs to try to direct that research into areas of our products and services that we feel are the most sensitive or where we'd like to see more inspection. Quite frankly, we've found that works generally very well.
There are certainly situations where.... Technically, these patches are updates to address these vulnerabilities, and they take time. We don't want to roll out a patch before it's ready and end up disrupting or negatively impacting existing infrastructure out there.