diff --git a/README.md b/README.md
index f20b241..eff2876 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,10 @@ patched_versions = [">= 1.2.0"]
 # Versions which were never vulnerable (optional)
 unaffected_versions = ["< 1.1.0"]
 
+# Platforms this vulnerability specifically affects (optional)
+# See: https://docs.rs/rustsec/latest/rustsec/advisory/struct.PlatformReq.html
+#affected_platforms = ["*windows*"]
+
 # Vulnerability aliases, e.g. CVE IDs (optional but recommended)
 # Request a CVE for your RustSec vulns: https://iwantacve.org/
 aliases = ["CVE-2018-XXXX"]
diff --git a/crates/hyper/RUSTSEC-2016-0002.toml b/crates/hyper/RUSTSEC-2016-0002.toml
index 3735ea1..bba3283 100644
--- a/crates/hyper/RUSTSEC-2016-0002.toml
+++ b/crates/hyper/RUSTSEC-2016-0002.toml
@@ -6,6 +6,7 @@ references = ["RUSTSEC-2016-0001"]
 date = "2016-05-09"
 url = "https://github.com/hyperium/hyper/blob/master/CHANGELOG.md#v094-2016-05-09"
 title = "HTTPS MitM vulnerability due to lack of hostname verification"
+affected_platforms = ["*windows*"]
 description = """
 When used on Windows platforms, all versions of Hyper prior to 0.9.4 did not
 perform hostname verification when making HTTPS requests.