Is Google Right In Disclosing A Critical Vulnerability In Windows? Why Microsoft Is Not Happy
Google's Threat Analysis group has disclosed a critical vulnerability in Windows. The revelation is posted in the tech company's official blog. Google pointed out the public release of the said security flaw is in accordance to its own policy. Microsoft is not particularly welcoming of the disclosure.
The Vulnerability In Windows
Google has disclosed the vulnerability in Windows, 10 days after Microsoft was informed about it. However, the tech giant has yet to fix the flaw. According to The Verge, the bug found in Windows allows attackers to escape from security sandboxes. Apparently, they are able to exploit the flaw in the win32k system.
Google pointed out that the public release is in accordance to their published policy for actively exploited critical vulnerabilities. The set duration of the disclosure should actually be after 7 days. Microsoft seems to need more days to come up with a patch. Google explained that the vulnerability can be serious since it is being actively exploited.
Patch For The Flash Vulnerability
Along with Microsoft, Adobe was also informed on Oct. 21 about a Flash vulnerability. Adobe had already patched it on Oct. 26, according to the Venture Beat. The patch is already in the latest version of Flash. Users are advised to update their Flash to the recent version.
Meanwhile, Google encouraged those with Windows OS to apply the patches from Microsoft once they are available for the Windows vulnerability.
Microsoft has issued a statement to Venture Beat about the issue. This does not include the availability of the needed patch for Windows. A spokesperson said that the Google disclosure puts customers at potential risk. The spokesperson added that the company believe in coordinated vulnerability disclosure.
Microsoft reiterates that Windows is the "only platform with a customer commitment to investigate reported security issues and proactively update impacted devices". The tech company ensure customers that Windows 10 and the Microsoft Edge browser offer the best protection.
Venture Beat further reports that a source close to Microsoft shared that the exploit Google describes requires the Flash vulnerability. This means that the Windows vulnerability is alleviated with the patched Flash.
Trademark Leak Shows That Rumors Stating A Fable Sequel Is In The Works Could Be True After All
A trademark application filed on June 26 has been uncovered for Fable. Does this mean a sequel is being worked on?
[First Look] The Start Menu Will Be Getting A Visual Overhaul In Windows 10
It looks like a future Windows 10 update will be upgrading how the Start Menu looks.
Here Is The Reason Why The Xbox Series X Has Not Been Released Yet
The Xbox Series X was planned to be released earlier than Microsoft currently plans for it to be. Here is why they delayed its release.
Microsoft Boss Reveals Xbox Series X Will Focus On Improving Immersion Instead Of Visuals: Here's Why
The Xbox Series X is coming out this holiday season and it seems that Xbox is going to focus on immersion more than visuals this time around. But what is reason behind it?
[New Feature] Android Google Chrome Adds an Automatic Dictionary : Here's How to Use it
Learn how to use Google's latest feature that gives automatic definition with a single tap.
MORE IN ITECHPOST
How To Build A Gaming PC For $450 In July 2020
What do you get when you combine a used pre-built PC and a graphics card? A great gaming PC for the price.
[Watch] NASA Announces Week Update: What Happened to the Artemis Program?
Could we be closer to getting to the moon? NASA provides updates on the progress.
[Guide, Tips] How to Play Marvel's Iron Man VR And Get All The Trophies
With the release of the Marvel's Iron Man VR, now even you can take to the skies and fly through canyons as you save civilians and blast bad guys along the way.
But playing the game is even trickier than it sounds.