Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft supports coordinated vulnerability disclosure and asks the research community to share findings with affected vendors before public release. Microsoft states that recent zero-day disclosures were not shared in advance, creating unnecessary risk for customers. Microsoft says its security teams worked to understand impact, protect customers, and develop security updates after the disclosures. The reported vulnerabilities include BlueHammer, RedSun, UnDefend, YellowKey, GreenPlasma, and MiniPlasma, with BlueHammer, RedSun, and UnDefend reportedly exploited in the wild after disclosure. Microsoft opposes uncoordinated disclosures and warns that proof-of-concept code for unpatched vulnerabilities can lead to real-world consequences when used by malicious actors.
"We invite diverse perspectives that help the security community work together to protect everyone. We realize that we will not always agree on everything, but we are committed to transparency and continue to create opportunities for dialogue."
Read at The Hacker News