Microsoft criticises Google for outing Windows vulnerability prior to fix | Games industry news | MC

S373NSINSH4CK3R Jan 12, 2015

  1. S373NSINSH4CK3R

    S373NSINSH4CK3R Banned (Read The Rules) BANNED
    95/188

    Joined:
    Aug 31, 2014
    Messages:
    611
    Likes Received:
    268
    Trophy Points:
    0
    Gender:
    Male
    Location:
    Iam currently on the moon playing my JTAGGED XBOX
    Console:
    Playstation 4
    [​IMG]
    Google has prioritised the calling out of a rival over the digital security of its customers, Microsoft has claimed.
    The search giant has chosen to publicise details of a security vulnerability to Windows 8.1 two days ahead of the release of a patch that it knew was incoming and despite requests to keep the information quiet until tomorrow.
    “Although following through keeps to Google’s announced timeline for disclosure, the decision feels less like principles and more like a ‘gotcha’, with customers the ones who may suffer as a result,” senior director of Microsoft’s Security Response Center Chris Betz said.
    “What’s right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal.”
    Most high-profile members of the software industry have signed up to what is called a Coordinated Vulnerability Disclosure (CVD), the gist of which is that security vulnerabilities are kept quiet until a fix is issued, thus reducing the opportunity for wrong-doers to take advantage of them.
    The counter argument is that vulnerabilities should be publicised as and when they are discovered, both to make consumers aware of the danger and better incentivise software makers to fix the issue.
    “Microsoft has long believed coordinated disclosure is the right approach and minimizes risk to customers,” Betz added. “We believe those who fully disclose a vulnerability before a fix is broadly available are doing a disservice to millions of people and the systems they depend upon.
    “Of the vulnerabilities privately disclosed through coordinated disclosure practices and fixed each year by all software vendors, we have found that almost none are exploited before a ‘fix’ has been provided to customers, and even after a ‘fix’ is made publicly available only a very small amount are ever exploited.
    “Conversely, the track record of vulnerabilities publicly disclosed before fixes are available for affected products is far worse, with cybercriminals more frequently orchestrating attacks against those who have not or cannot protect themselves.”

    Source: mcvuk
     
  2. prodigy

    prodigy Trusted Seller since 2014 :)
    95/188

    Joined:
    Jul 7, 2014
    Messages:
    1,490
    Likes Received:
    357
    Trophy Points:
    95
    Gender:
    Male
    Occupation:
    Call of Duty Recovery Seller
    Location:
    Boston, Ma
    Console:
    Computer
    Nice share Anon. No surprise Microsoft is doing this to google lol.
     

Share This Page

Close