Microsoft’s long-uneasy relationship with security researchers has taken a turn for the worse lately, and the company’s effort at rapprochement frustrated by the latest public revelation of an unpatched vulnerability.
The latest, which comes at the hands of a Google employee, affects Internet Explorer 8, a flaw that could see systems be manipulated to send out unauthorized messages from a user’s Twitter account. The researcher describes his efforts to convince Microsoft to patch the vulnerability as “unsuccessful.” eSecurity Planet takes a look.
So much for Microsoft’s pitch for civility and cooperation in revealing new security exploits in its products to software vendors in advance of making them public.
Civility aside, hackers are still outing security exploits because they say Microsoft (NASDAQ: MSFT) ignores them when they report the holes privately, with another zero-day vulnerability revealed in just the past few days.
