@iwalker: It is called customer service. Do you want to let your customers in fear and uncertainty? No. For big security problems that have a very huge impact like heartbleed or log4j, it is a service to the customers to tell them that the product is safe, because it doesn’t use log4j. It even helps the company, because customers don’t start to speculate if the product is vulnerable or not.
2 Likes