A Google engineer has once again disclosed a Windows flaw. In a Full Disclosure posting to the SecLists mailing list, Tavis Ormandy — an Information Security Engineer at Google — details a vulnerability in Windows 7 and Windows 8 that can be exploited by local users to gain escalated privileges. Security firm Secunia notes that the issue is "less critical" than other flaws as it's not a remotely exploitable one. Nevertheless, it appears that Ormandy has taken the full disclosure approach, stating he doesn't have "time to work on silly Microsoft code," rather than Microsoft's preferred responsible disclosure route that calls for vulnerabilities to be reported privately.
Ormandy previously revealed a serious vulnerability in Windows XP's Help and Support Center that allowed attackers to compromise machines using specially crafted websites before Microsoft had patched the bug.
Source: https://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw
www.onlinerealityshow.com domain is for sale. If you are interested in buying, please contact us!
HUD display and navigation.
Tags
Google engineer publicizes Windows zero-day bug, claims Microsoft is 'difficult to work with'
13/06/2013 13:09
Tags:
Guestbook: Google engineer publicizes Windows zero-day bug, claims Microsoft is 'difficult to work with'
No comments found.