Microsoft Faces Criticism Over Zero-Day Vulnerabilities and Patch Delays

July 15, 2024 at 03:00 PM

•

1 min read

Microsoft Faces Criticism Over Zero-Day Vulnerabilities and Patch Delays — Photo: The Register

TL;DR Summary

Trend Micro's Zero Day Initiative (ZDI) criticized Microsoft for not crediting them in the disclosure and patching of a zero-day vulnerability in MSHTML, reported in May and patched in July. ZDI claims the flaw is a remote code execution vulnerability, contrary to Microsoft's classification as a spoofing vulnerability. This incident highlights broader issues in the coordinated vulnerability disclosure process, with vendors often failing to properly communicate and credit researchers.

Topics:technology #coordinated-vulnerability-disclosure #cybersecurity #internet-explorer #microsoft #trend-micro #zero-day-vulnerability

Share this article

ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu The Register
Microsoft Windows Deadline—You Have 21 Days To Update Your PC Forbes
Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) Check Point Research
Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months Dark Reading
Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days BleepingComputer

Reading Insights

Total Reads

Unique Readers

Time Saved

5 min

vs 6 min read

Condensed

94%

1,128 → 69 words

Want the full story? Read the original article

Read on The Register

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights