Linked by Thom Holwerda on Mon 19th Jan 2015 12:24 UTC, submitted by Alfman
Privacy, Security, Encryption

Microsoft has heavily criticized Google and its 90-days security disclosure policy after the firm publicly revealed two zero-day vulnerabilities in Microsoft's Windows 8.1 operating system one after one just days before Microsoft planned to issue a patch to kill the bugs. But, seemingly Google don't give a damn thought.

Once again, Google has publicly disclosed a new serious vulnerability in Windows 7 and Windows 8.1 before Microsoft has been able to produce a patch, leaving users of both the operating systems exposed to hackers until next month, when the company plans to deliver a fix.

First, this article makes the usual mistake of calling these vulnerabilities "zero day". They are not zero day. They are 90 day. A huge difference that changes the entire context of the story. Microsoft gets 90 days - three months - to address these issues. I do not see why Google has to account for Microsoft's inflexible security policies which leave users in the lurch.

Second, note that Google also disclosed two OS X vulnerabilities alongside the Windows one. Nobody seems to be talking about those.

Third, Google, how about addressing your own security problems.

Permalink for comment 603481
To read all comments associated with this story, please click here.
1c3d0g
Member since:
2005-07-06

I wish I could upvote you a trillion times. Well f*cking said!

Reply Parent Score: 2