Microsoft slams Google for publishing vulnerability in Windows 8
Senior Director of the Microsoft Security Response Center, Chris Betz, said in a blog post that Google knew Microsoft had a fix in the pipeline and was due to be released on "Patch Tuesday", however, Google went ahead with the disclosure just two days out, despite being asked not to do so.
In a post published on Google's security research site earlier, a researcher disclosed the vulnerability and how to execute the flaw. The vulnerability allows for an elevation of privilege in Windows 8.1, an example application was also included that could launch calc.exe using the method.
Betz argued that responding to "security vulnerabilities can be a complex, extensive and time-consuming process" and that Google should be more flexible and be willing to coordinate with other companies in the interest of the millions of people who depend upon on the software.
The Google researcher earlier defended the disclosure, saying they waited 90 days before letting the world know how to exploit it, following their company's public disclosure philosophy, which is meant to pressure companies into fixing vulnerabilities more quickly.
Betz argued that privately disclosed vulnerabilities are more likely to be fixed and less likely to be exploited by "cybercriminals" than ones that are publicly disclosed.
Google is unlikely to change it long-held philosophy though.
Posted:
Related Forum: PC General Forum
Source: http://www.neowin.net/news/microsoft-slams-google-for-publishing-a-security-vulnerability-in-windows-81
Related Articles
Comments
JRMHPosted:
GothThe-Monstrosity Microsoft get so worked up, calm down microsoft!!!
Wouldn't you though if it was your company, I'd be pretty annoyed.
They had 90 days to fix a freakin bug. Being as big as they are, it should've been done.
SkittlePosted:
Billion dollar corporation vs Billion dollar corporation
I want to see how this turns out 88)
I want to see how this turns out 88)
HovaPosted:
For once Google did the right thing after all they gave them some time to remedy the situation.
OhDiegoCostaPosted:
I think Google are the good guys here. Publicised vulnerabilities aren't particularly damaging and force Microsoft to constantly improve their OS
BruPosted:
The-Monstrosity Microsoft get so worked up, calm down microsoft!!!
Wouldn't you though if it was your company, I'd be pretty annoyed.
Latest Downloads
- 01. Mega Man 9 | Savegame(0)
- 02. LASTFIGHT Secret character unlocked(0)
- 03. PC Horizon Forbidden West Complete Save(2)
- 04. Castlevania: The Adventure ReBirth | 100% Savegame(0)
- 05. ExciteBike World Challenge | Savegame(0)
- 06. World of Goo | 100% Savegame(0)
- 07. La Torre de las Sombras | 100% Savegame(0)
- 08. Beat the Beat: Rhythm Paradise | Savegame(0)
- 09. The Legend of Zelda: Skyward Sword | Savegame(2)
- 10. [US] Kingdom New Lands _ Crowned - CUSA10970(4)
- 11. GTA 3 Definition Edition Game Save(6)
- 12. [US] Kingdom New Lands _ Heraldic Achievement CUSA10970(0)
- 13. [US] Kingdom New Lands - CUSA10970(1)
- 14. Super Paper Mario | Complete Savegame(0)
- 15. Sonic Colors | Complete Savegame(0)
Latest Tutorials
- 01. The Redress Of Mira 100% Walkthrough | Trophy & Achievement(318)
- 02. Russian Pinocchio Quick Trophy Guide(336)
- 03. Venatrix Quick Trophy & Achievement Guide(295)
- 04. Call of the Sea 100% Platinum Walkthrough(487)
- 05. Wire Lips 100% Platinum Walkthrough(378)
- 06. The Expanse 100% Platinum Walkthrough | Trophy & Achievement(422)
- 07. Doctor Who: The Edge of Reality - PS4 Platinum P/Thru(334)
- 08. Doctor Who:The Lonely Assassins - 100% Guide(313)
- 09. DAYMARE 1998 PS4 - Full game 100% TROPHY WALKTHROUGH(286)
- 10. Stray Platinum Walkthrough | Trophy & Achievement Guide(331)
- 11. Raji: An Ancient Epic | Complete Gameplay Walkthrough(374)
- 12. Corpse Killer: 25th Anniversary Edition - Longplay(351)
- 13. Song of Horror: Complete Edition Gameplay Walkthrough(283)
- 14. Remoteness 100% All Trophies Walkthrough(303)
- 15. Detective Inspector Mysterious Clues Platinum Walkthrough(361)
"Microsoft slams Google for publishing vulnerability in Windows 8" :: Login/Create an Account :: 26 comments