DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 13, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 184 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Microsoft livid as Google discloses dangerous Windows flaw after 10-day window

Posted on Wednesday, November 02 2016 @ 10:28:36 CET by


MS logo
Microsoft is mad at Google because the latter published details about a dangerous security vulnerability in Windows on the Google Security Blog. The search giant says it informed Microsoft about the bug ten day in advance and claims this is enough time to either publish a patch or release details about possible mitigation techniques.

The local privilege escalation vulnerability can be used as a security sandbox escape and was actively exploited in the wild before Google publicly disclosed it. Microsoft isn't pleased because it claims Google's action put users at risk, while Google says it's sticking to its policy, which forces software firms to speed up their response time to fix security vulnerabilities. A similar incident occurred in 2015, when Google also disclosed unpatched holes in Windows.
"Seven days is an aggressive timeline and may be too short for some vendors to update their products," Google said in a blog post in 2013. "But it should be enough time to publish advice about possible mitigations."

Microsoft slammed Google's move. “We believe in coordinated vulnerability disclosure, and today’s disclosure by Google could put customers at potential risk," the company said in an email on Monday.
Google claims that on Windows 10, its Chrome browser prevents the exploit because Chrome's own sandbox is able to block the system call.

Via: ComputerWorld



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba