|05 Jan 2011||#1|
| || |
IE zero-day bug leads to squabble between Microsoft, researcher
Microsoft is at odds with a researcher employed by Google who published a zero-day Internet Explorer vulnerability on New Year's Day. The vulnerability was discovered using cross_fuzz, a browser fuzzing tool created by Google researcher Michal Zalewski, who says he gave Microsoft more than six months of warning before going public with the flaw. That hasn't stopped Microsoft from sharply disagreeing, however, with the company arguing that Zalewski has now put thousands of IE users at risk.
According to Zalewski's published timeline of events, he first told Microsoft about the vulnerability in July of last year and provided the company with copies of cross_fuzz for independent verification. Zalewski informed the company that he planned to release the tool in January, and Microsoft acknowledged the report at that timeŚconfirmed on Tuesday by Microsoft spokesperson Jerry Bryant.
|My System Specs|
|Similar help and support threads for2: IE zero-day bug leads to squabble between Microsoft, researcher|
|Google researcher reveals another Windows 0-day||Security News|
|Security researcher slams Microsoft over IE9 malware blocking stats||Security News|
|Strong HTML5 Support in IE9 Leads to Microsoft Embracing the HTML5....||News|
|Microsoft Update keeps Office secure, says researcher||Windows Updates & Activation|
|Microsoft IE's downfall 'far fetched,' says researcher||Browsers & Mail|
|Microsoft AV advice may aid attackers, researcher warns||Security News|
|Johnny Lee: Microsoft Researcher||News|
|Our Sites ||Site Links ||About Us ||Find Us |
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
ę Designer Media Ltd
All times are GMT -5. The time now is 09:22 PM.