Tavis Ormandy bashes Microsoft’s handling of security researchers, drops Windows zero-day
A Google security engineer accused Microsoft of treating outside researchers with “great hostility” just days before posting details of an unpatched vulnerability in Windows that could be used to crash PCs or gain additional access rights.
Microsoft acknowledged the vulnerability late Tuesday. “We are aware of claims regarding a potential issue affecting Microsoft Windows and are investigating,” said Dustin Childs, a spokesman for the company’s security response group, in an email. “We will take the appropriate action to protect our customers.”