Windows flaw exploited by hackers

Targeted attacks come two months after Google employee outs vulnerability
Microsoft representatives would not comment on whether they thought exposure of the flaw led to the attacks. (Getty Images)
Microsoft representatives would not comment on whether they thought exposure of the flaw led to the attacks. (Getty Images)


A software vulnerability in Windows, first exposed by a Google security engineer, has been exploited, according to report from Reuters.

Tavis Ormandy, the Google engineer who posted details of the flaw in May on a Microsoft blog, was heavily criticised at the time because he did so without first informing Microsoft, thereby not allowing the Windows vendor to fix the issue.

Ormandy also slammed Microsoft's security division for being difficult to work with and advised other researchers to keep their identity a secret when engaging with Redmond security officials.

When Microsoft announced yesterday that targeted attacks had occurred using the vulnerability, representatives were quizzed on whether they thought Ormandy's disclosure had led to the attacks. They had no comment to make.

While Reuters reported that Ormandy could not be reached for comment, it also said a Google official claimed that Ormandy's work on the Windows flaw was a personal project and had nothing to do with his work for the company.

Google and Microsoft are long-time adversaries. Microsoft is a prominent member of a consortium that pursued government sanctions against the Web search leader for practices alleged to be anti-competitive. Microsoft executives were sharply critical of what they perceived as a "weak" conclusion in January to a US Federal Trade Commission probe into Google's business dealings.

Editor's Choice

Emerson expands analytics platform for industrial enterprise-level wireless infrastructure management
Plantweb Insight platform adds two new Pervasive Sensing applications that manage wireless networks more efficiently with a singular interface to the enterprise
Digitalisation seen as a competitive advantage by Middle East private businesses
Nearly 80 per cent of private business leaders acknowledge that digitalisation can impact business sustainability
Etisalat introduces Multi-Access Edge Computing architecture delivering best-in-class video streaming performance for 5G networks
MEC architecture achieves performance gains of as much as 90% in video streaming, validating how ultra-low-latency applications will be delivered over 4G and 5G networks

Most popular

Don't Miss a Story