On October 31, Google publicly outed Microsoft for a critical zero-day security flaw in Windows 10 just 10 days after reporting the vulnerability to the firm. Today, as promised in a subsequent (and angry) blog post, Microsoft has patched up the hole and more in a round of updates.
The issue was said to allow hackers to easily work around the operating system’s (OS) security sandbox, letting them to execute harmful code, delete data and create user accounts with full access to the OS and “take control of an affected system,” Microsoft wrote in a security bulletin following its usual patch day.
In order to exploit the security hole, however, the end user would have to be tricked into opening an app created specifically for this purpose and remain logged in for the hacker to do any real damage. Back on November 1, Microsoft even claimed in that blog post that the flaw was not exploitable if you were running the then-latest version of its new OS.
How long is long enough?
Last week, Google justified publicizing the so-called Win32k Information Disclosure Vulnerability early in citing evidence that the flaw was already being exploited by hackers. Normally, Google gives fellow firms three months to sort their security issues before making them public.
Citing the urgent nature of this particular security flaw, Google broke that rule rather quickly. This caused Microsoft executive Terry Myerson to lash out a bit at the search giant in the aforementioned blog post, claiming that its move only put more of its users at risk, though recognized the Google researcher’s hard work.
While Google took matters into its own hands for the sake of the public, it’s obvious that the two companies are rivals in several respects – namely in that both are fervently competing for market share in regards to their operating systems.
Outside looking in, it’s impossible to say whether one party drug its feet in delivering a fix or the other had ulterior motives in disclosing the flaw publicly. Regardless, it’s important to recognize the environment and circumstances surrounding both in this exchange.
To ensure that you’re protected from the flaw, make sure to update your version of Windows 10 today. Oh, and give your system a quick malware scan for good measure.
Sourse: techradar.com
In light of this today’s election results, our NZ company (and 34 others so far) have decided to desist use of any US products. So, as far as we are concerned, neither Google nor Microsoft deserve our patronage any more. To all other people whom are suffering the incompetence of these two companies, perhaps it is time for you to also find alternatives to the digital prisons being pushed on you by the two behemoths noted above. There are many linux distros available, many of which are faster and more secure than anything Microsoft or Google has yet to create (despite stealing much of their architecture from linux sources – we’re looking specifically at you Google, but both Microsoft and Apple have also been dipping their greedy hands into the veritable honey-pot that is software produced for FREE by extremely generous individuals and groups, whom have no intention other than to make the computing world a better place). Unlike the above mentioned companies (all of whom are US based) the creators of this free software do not do this for greed, market share or to control their users. They do this because they think better of human beings than do the those companies mentioned. YOU have a choice to both let the world know that you do not support a nation that selects a racist, sexual abuser as its representative, but also to get some genuinely good software not built with the intention of treating you like a statistic on their financial spreadsheets. We quite like linux Deepin – but we are sure if you spend a little time researching, you will find a distro that suits your needs more adequately (and much, much more securely) than the offerings of the above. We also advise you to ponder on the most famous quotation of Edmund Burke.