Home > slashdot > Microsoft Spurned Researchers Release 0-Day

Microsoft Spurned Researchers Release 0-Day

July 6th, 2010 07:20 admin Leave a comment Go to comments

nk497 notes the news that a group of researchers calling themselves the Microsoft-Spurned Researcher Collective (the name is a play on Microsoft’s Security Response Center) have come together to protest Microsoft’s perceived heavy-handedness towards researchers who disclose security flaws. Pushed into action by the reception to the flaw disclosed by Tavis Ormandy, the group has released full details and exploit code for a previously unknown Windows local privilege escalation vulnerability. The advisory for the vulnerability, which affects Windows Vista and Windows Server 2008, contains the following manifesto: “Due to hostility toward security researchers, the most recent example being of Tavis Ormandy, a number of us from the industry (and some not from the industry) have come together to form MSRC: the Microsoft-Spurned Researcher Collective. MSRC will fully disclose vulnerability information discovered in our free time, free from retaliation against us or any inferred employer.”

Source: Microsoft Spurned Researchers Release 0-Day

Related Articles:

  1. Microsoft Warns of Zero-Day Attacks
  2. Google Security Expert Finds, Publicly Discloses Windows Kernel Bug
  3. Miscreants Exploit Google-Outed Windows XP Zero-Day
  4. Microsoft To Release Emergency Fix For ASP.NET Bug
  5. Microsoft Issues Advisory For Internet Explorer Vulnerability
blog comments powered by Disqus