I know there are quite a few here with strong feelings regarding disclosure of vulnerabilities, so you might be interested in taking a look at this website:
http://www.oisafety.org/
You can learn more about what Microsoft and others are up to regarding disclosure standards. There's even a place to express your opinions, though I'm not holding my breath that anyone will listen.
Apologies if this has been posted before, I did a search for oisafety and came up empty.
Edit: Anyone care to share your opinions here?