Main Area and Open Discussion > Living Room

Microsoft lashes out at Googler for making Windows vulnerability public

(1/12) > >>

lanux128:
from MaximumPC: this news may make Microsoft sound a bit churlish but maybe they do have a point? Google could have been more responsible in the wake of the seriousness of the vulnerability.



• http://www.maximumpc.com/article/news/microsoft_lashes_out_googler_making_windows_vulnerability_public

daddydave:
Security by obscurity..Nuff said!

Eóin:
Gotta side with MS on this one. The point of going public in the past was to force companies to acknowledge the holes in their products and patch them. These days it seems MS at least are very actively trying to plug any holes spotted, so going public doesn't help matters.

If anything it's like going to the malicious folks out there and saying "Hey MS is about to fix this hole, quick hurry and exploit it before it's too late!"

Renegade:
+1 for siding with Microsoft on this.

For security professionals, it's nothing more than complete irresponsibility to post vulnerabilities, much less with exploit code (ed. like above I mean). Most security companies will give you MONTHS to fix the problem before they publish it, and they will keep in contact with you the whole time. 4 days is idiotic.

There's no excuse.

Stoic Joker:
If anything it's like going to the malicious folks out there and saying "Hey MS is about to fix this hole, quick hurry and exploit it before it's too late!"-Eóin (June 11, 2010, 09:31 AM)
--- End quote ---

Damn Straight! Google set the bar at "Don't be Evil" apparently just so that being malevolent was still available.

+2 for Microsoft's Side.

Navigation

[0] Message Index

[#] Next page