NEWS
NEWS
NEWS
Google discloses critical vulnerability in Windows 10, angering Microsoft
Google Inc. dropped a bomb on Microsoft Corp. Monday by revealing a vulnerability in its Windows operating system that’s yet to be patched.
Google says attackers can exploit the bug to gain administrator-level access using simple malware. In a blog post, Neel Mehta and Billy Leonard of Google’s Threat Analysis Group said they’d taken decision to go public after finding exploits for the bug were already in the wild. The company has a policy of giving software developers just seven days to patch vulnerabilities it discovers, in cases when they’re already being actively exploited by cyber-criminals.
At the same time, Google also revealed a new Flash vulnerability it shared with Adobe Systems Inc. last week. Adobe was told about the bug on the same day as Microsoft, and has already issued a patch. However, Microsoft has so far failed to do the same, and all Google could recommend in mitigation is to “apply Windows patches from Microsoft when they become available.”
Not surprisingly, Microsoft wasn’t happy with Google’s decision to go public before it could issue a patch.
“We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk,” the company said in a statement to the media. “Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”
Microsoft’s argument against Google’s policy of revealing flaws is that an operating system like Windows is far more complex than a simple web plugin like Flash, and therefore issuing a patch can take much longer than a week. But Google maintains that it’s safer if the public is made aware of these flaws in cases where they’re already being actively exploited.
Photo Credit: mendhak Flickr via Compfight cc
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
