Home
Laptops
Laptops News
Microsoft Criticises Google for Public Disclosure of Windows 8.1 Bug

Microsoft Criticises Google for Public Disclosure of Windows 8.1 Bug

By Hitesh Arora | Updated: 12 January 2015 17:24 IST

Microsoft on Sunday decided to criticise Google's decision to publicly disclose a vulnerability in Windows 8.1 two days before the company planned to issue the fix.

On Sunday, Microsoft's Senior Director of the Microsoft Security Response Center, Chris Betz, published an official blog post, "a call for better coordinated vulnerability disclosure", taking on Google's irresponsible action of disclosing a 90-day-old bug before the company not only planned a fix for the problem on January 13, but also asked Google not to go public until that day. But for Google, the disclosure was made as a part of its Project Zero security initiative that stipulates a 90-day deadline for the fix before the public disclosure of the bug.

"Specifically, we asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix. Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a 'gotcha', with customers the ones who may suffer as a result. What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal," wrote Betz on MSRC blog post.

Notably, this is not the first time that Google disclosed any such vulnerability of Microsoft's Windows 8.1. On December 31, a Google's Project Zero researcher Ben Hawkes defended an earlier vulnerability thread that went live automatically after 90-day deadline expired on December 29 from September 30, when the issue was first reported to Microsoft.

"Firstly, just to make this absolutely clear, the ahcache.sys/NtApphelpCacheControl issue was reported to Microsoft on September 30. You can see this in the "Reported" label on the left hand panel of this bug. This initial report also included the 90-day disclosure deadline statement that you can see above, which in this instance has passed," commented Hawkes on the thread.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.