Google's Project Zero is serious about releasing the details of security vulnerabilities 90 days after they alert the vendors, even if they're unpatched. It just exposed a nasty vulnerability in Microsoft's browsers.
This is the second unpatched Microsoft vulnerability it exposed last week.
I'm a big fan of responsible disclosure. The threat to publish vulnerabilities is what puts pressure on vendors to patch their systems. But I wonder what competitive pressure is on the Google team to find embarrassing vulnerabilities in competitors' products.
from Google Discloses Details of an Unpatched Microsoft Vulnerability
No comments:
Post a Comment