Get a Pentest and security assessment of your IT network.

News

Does Google Have a Double Standard on Full Disclosure?

Google s Tavis Ormandy published a vulnerability in the hcp protocol handler. It allows the attacker to run arbitrary commands as the user. In practice it created a lot of alerts and warnings for me but the XP install I was using is somewhat locked down. Later his reports says it works around the alerts (I couldn t reproduce that, but that was his intention). However, there are some odd things about this that really struck me the wrong way. Google says it adheres to responsible disclosure, but at the same time they give Microsoft 5 days to fix their 0day that Google’s researchers themselves created!

Source: https://threatpost.com/does-google-have-double-standard-full-disclosure-061010/74091/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Vulnerabilities In Alibaba threatens security of million users

News

Russian cybercriminal Roman Seleznev gets another prison sentence