Security Holes of computer system and web application are main causes of network threat. The disclosure of security holes can have a profound impact on national security，corporate interests and personal privacy and with the deep integration of the Internet and manufacturing industry，the security risks brought by the industrial control system loopholes are also increasingly serious. Nations of the world attach great importance to this. A series of regulatory policies have been introduced to explain the details of the disclosure and large number of vulnerability disclosure platforms are constructed. This paper studies the security holes disclosure policy and analyze the characteristics of each vulnerability disclosure platform. At the same time，it also puts forward some suggestions for the disclosure policy of China.