Microsoft disclosed that a Chinese security firm was responsible for the leak of so-called ‘0-day’ RDP attack code and that the firm was axed from the MAPP program.
In August last year, Italian security researcher Luigi Auriemma discovered the security flaw and reported it to Microsoft, along with proof-of-concept attack code.
Auriemma later accused Microsoft of leaking the code, given that an executable appearing on a Chinese web site contained his "pre-built packet", which had only been provided to Microsoft.
The allegation was obviously quite serious. If reported security flaws and demonstration attack code end up being leaked before Microsoft has a chance to fix the flaws, then security researchers will clearly wonder why they’re bothering telling Microsoft at all.
Auriemma speculated that the leak came from one of Microsoft’s MAPP partners, the security firms with which Microsoft shares such information early so that they can develop software to guard against any potential malware.
"We determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our non-disclosure agreement (NDA)," said Microsoft trustworthy computing boss Yunsun Wee.
The company said that DPTech has been removed from the MAPP program. Wee also said that Microsoft is tightening up controls on the information provided to partners but didn’t elaborate further.