Microsoft are not happy bunny’s, and are especially unhappy with Google after a researcher on the Google team publicly disclosed a remote code execution vulnerability affecting Windows XP and Server 2003 systems.
TG Daily report that Microsoft were first informed of the issue on June 5, but the vulnerability was publicized just some four days later, before Microsoft even had chance to resolve the issue.
“Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk,” Microsoft spokesperson Mike Reavey said.
Although Microsoft said they were not happy with Google, they also stated that they welcome researchers across the industry to help identify issues, but hoped that it could be done through responsible disclosure to help minimize the risk while improving security. They also say that they are currently unaware of any exploitations of a similar nature with Windows Vista, 7, Server 2008 or Server 2008 R2.
Source: TG Daily