ZDI has criticized Microsoft for mishandling coordinated vulnerability disclosures. The criticism highlights issues such as failure to credit researchers properly, misstating the category and severity of vulnerabilities, and general frustration in dealing with Microsoft. Dustin Childs from ZDI has raised questions about whether the increase in bugs has overwhelmed vendors, making it difficult to manage coordinated vulnerability disclosures effectively. ZDI's frustration is evident as they often face improper crediting and misspelled names despite providing valuable security flaw information to Microsoft for free. Additionally, the presence of 'Zombie IE' is noted as a concerning issue.
Don't miss @JessicaHrdcstle's exclusive here with ZDI's @dustin_childs about the frustration of dealing with Microsoft when reporting security flaws: "We're often not credited properly. They spell our names wrong, and we're giving them bugs for free" https://t.co/Af1oAmTSOC
EXCLUSIVE: ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu https://t.co/MA0S2fzO3t via @theregister
Zombie IE, now that is scary. MS failure to credit, misstating category and severity of vulnerability, very bad. https://t.co/pXPC5e8krH https://t.co/clUEN2WUPb