Microsoft slams Google for revealing security vulnerability in Windows

13 Jan 2015

1

Microsoft has slammed Google for revealing a security vulnerability in Windows only two days before the software giant planned to fix the bug, The Register reported.

The revelation of the flaw came on 11 January, 90 days after reporting it to Microsoft. According to the ad giant, the bug could elevate a user's privileges to administrator-level, thanks to some inelegant action during the Windows 8.1 log-in process.

This does not come as the first disclosure of the kind by Google, which revealed a nasty takedown for Windows 8.1 on 30th December after reporting it in September.

The search giant did so as the rules of its Project Zero security regime saw the text ad giant reveal flaws 90 days following reporting  to vendors. Google notified Microsoft of the new flaw on 13th October.

According to Microsoft Google acted irresponsibly as it not only planned a fix for the problem on 13 January but also asked Google not to go public until that day.

''Specifically, we asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix,'' wrote Chris Betz, Microsoft's senior director for trustworthy computing.

Meanwhile, according to The Sydney Morning Herald, the spat highlighted an ever-present tension in the software security sector between those who believed flaws should be revealed sooner rather than later to put pressure on companies to tackle the issues, and developers who at times needed more time to come up with a solution.

In this case Google stood in the former camp, through its "Project Zero" team, which scanned all types of software for bugs and reported problems privately to the developers who created them. Google gave developers 90 days to fix a problem before making the issue public.

Microsoft planned to publish a fix this week as part of its regular security update, known in the industry as "Patch Tuesday."

"Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a 'gotcha,' with customers the ones who may suffer as a result. What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal", Betz wrote.

Business History Videos

History of hovercraft Part 3 | Industry study | Business History

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2 | Industry study | Business History

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1 | Industry study | Business History

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | Industry study | Business History

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more
View details about the software product Informachine News Trackers