 | |
| |
| 05 Jan 2011 | #1 |
| | IE zero-day bug leads to squabble between Microsoft, researcher Quote: Microsoft is at odds with a researcher employed by Google who published a zero-day Internet Explorer vulnerability on New Year's Day. The vulnerability was discovered using cross_fuzz, a browser fuzzing tool created by Google researcher Michal Zalewski, who says he gave Microsoft more than six months of warning before going public with the flaw. That hasn't stopped Microsoft from sharply disagreeing, however, with the company arguing that Zalewski has now put thousands of IE users at risk. According to Zalewski's published timeline of events, he first told Microsoft about the vulnerability in July of last year and provided the company with copies of cross_fuzz for independent verification. Zalewski informed the company that he planned to release the tool in January, and Microsoft acknowledged the report at that time—confirmed on Tuesday by Microsoft spokesperson Jerry Bryant. |
My System Specs | |
 |
IE zero-day bug leads to squabble between Microsoft, researcher problems?
« Line between apps and browsers blurring with tablets
|
Microsoft already seeking developer input for Office 16 »
| Thread Tools | |
| Similar help and support threads for: IE zero-day bug leads to squabble between Microsoft, researcher | ||||
| Thread | Forum | |||
| Security researcher slams Microsoft over IE9 malware blocking stats | Security News | |||
| Microsoft Update keeps Office secure, says researcher | Windows Updates & Activation | |||
| Microsoft IE's downfall 'far fetched,' says researcher | Browsers & Mail | |||
| Microsoft AV advice may aid attackers, researcher warns | Security News | |||
| Johnny Lee: Microsoft Researcher | News | |||
All times are GMT -5. The time now is 05:42 PM.
