Microsoft chastises security groups
As Microsoft continued to investigate three recently reported vulnerabilities in multiple versions of its Windows operating system Tuesday, it delivered a message to security groups anxious to publicly report bad news: It does more harm than good.
Less than a week after Chinese security group Xfocus publicly released proof-of-concept code, claiming that among other high-risk vulnerabilities there were flaws in the Windows LoadImage API function, Microsoft was urging security groups to follow practiced industry standards for reporting potential breaches.
By Tim Gray at internetnews.com
[ Read more ]