Friday, July 30, 2021

Microsoft Blames Security Info-Sharing Program for Attack Code Leak

Computerworld: Someone has leaked sample exploit code to hackers, and Microsoft isn’t happy about it.

The story begins in March of 2011 when Italian security researcher Luigi Auriemma found a security vulnerability in Windows Remote Desktop Protocol. Auriemma passed the information on to HP TippingPoint’s Zero Day Initiative, a bug bounty program. The HP group then created a sample exploit, which they passed on to Microsoft. Microsoft shared the exploit with members of the Microsoft Active Protection Program (MAPP), security vendors who have signed a strict non-disclosure agreement. However, it appears that someone violated that agreement because Auriemma found the exploit code in use on a Chinese website.

According to Microsoft’s Yunsun Wee,”Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements.”

Similar articles

Latest Articles

How FedEx, Pizza Hut,...

Companies of all sizes analyze operational data at a surface level, but the growing availability and sophistication of data analytics tools have expanded the...

How Big Data is...

A growing number of enterprises are pooling terabytes and petabytes of data, but many of them are grappling with ways to apply their big...

Data Transformation Trends 2021

Gathered data is one thing. But useful data is quite another. Once data is collected, it has to be transformed in order to be...

Data Collection Trends 2021

Data collection trends tend to vary tremendously over time. With so much data now available in the enterprise, how data is collected can be...