Microsoft has lashed out at Google for making a Windows 8.1 vulnerability public. Chris Betz, heading up the Microsoft Security Response Center (MSRC), published a new blog post over on TechNet talking about security and how tech companies should work together to better protect consumers against threats from exploits in software, something the company feels Google disregarded.
The blog post touches on preventing the full public disclosure of security vulnerabilities in software, which Microsoft believes is best kept under wraps.
Those in favor of full, public disclosure believe that this method pushes software vendors to fix vulnerabilities more quickly and makes customers develop and take actions to protect themselves. We disagree. Releasing information absent context or a stated path to further protections, unduly pressures an already complicated technical environment. It is necessary to fully assess the potential vulnerability, design and evaluate against the broader threat landscape, and issue a "fix" before it is disclosed to the public, including those who would use the vulnerability to orchestrate an attack. We are in this latter camp.
Betz then highlights how Google has released information about the vulnerability in Windows 8.1, just two days before a planned patch was set to be published on Patch Tuesday. Betz also states Microsoft requested Google to avoid releasing said details before January 13.
Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a "gotcha", with customers the ones who may suffer as a result. What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal.
The blog post closes by reaffirming that software is by no means perfect. It is indeed made by humans after all, and we've continuously displayed strong signs of imperfection throughout our history. Here's hoping the giants behind our favorite devices band together to keep everyone safe from attacks and cyber crime.
Source: TechNet
We may earn a commission for purchases using our links. Learn more.
Microsoft's new web-based Outlook client officially launches in preview
Microsoft has officially announced its new Outlook client, which is now available in preview for Office Insiders in the Beta Channel. The new app is accessible via a "preview" toggle in the Outlook desktop app. Enabling the toggle will transform the legacy Office app into a new web-based one, featuring new features and a new UI.
Think you know ALL Windows 10 keyboard shortcuts? Find out in our list.
In this guide, we'll list all the best keyboard shortcuts you can use to better navigate and operate Windows 10 on your desktop computer or laptop.
Here's Acer's new Spin 5 convertible laptop with a 16:10 2.5K display
Acer’s new Spin 5 brings an excellent 2.5K 16:10 display, siloed Wacom AES 2.0 stylus, and the latest from Intel 12th Gen making this a nicely spec’d do-it-all 14-inch laptop for students and pros.
The best NAS to buy on a budget
NAS enclosures can easily go into the thousands, which is why it's incredibly important you buy an enclosure that meets your requirements without exceeding them and inflating your budget. Here are some of my favorite more affordable NAS enclosures.