Google Does It Again, Exposes New Bugs in Microsoft Windows 7 and 8.1

By Kamal Nayan - 19 Jan '15 12:23PM

Just days after when Microsoft criticized Google for publicly disclosing bugs in Windows 8.1, the search giant pointed yet another security flaw in Microsoft's operating systems Windows 7 and 8.1.

One of the pointed two bugs allow attackers to impersonate a user and decrypt data on Windows 7 and Windows 8.1 machines. The second pointed bug allows attackers to impersonate a user and access the machine's power functions. These two pointed bugs by Google Security Research are yet to be fixed by Microsoft.

According to experts the second bug is not serious enough to warrant a fix from Microsoft.

Google's Project Zero objective is to significantly reduce the number of people harmed by targeted attacks by. Google gives the concerned companies 90 days to address issues before revealing them to the public. The bug was first reported on 17th October and apparently Microsoft has well passed the 90-day headline.

"We asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix. Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a "gotcha", with customers the ones who may suffer as a result. What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal," Microsoft Security Response Center slammed Google last week for revealing vulnerabilities just two days before sending out the patch.

Microsoft is yet to issue a statement about this particular batch of revelations, but given the history, it will certainly not be much impressed.

Fun Stuff

The Next Read

Real Time Analytics