Microsoft has addressed the flaw in its operating system that Google exposed yesterday and the Redmond-based company is not happy.
Google yesterday made public details of a security bug in Windows' 'Win32k.sys' file that could let hackers remotely incapacitate a PC. The controversy, however, stems from the fact that Google exposed this flaw before Microsoft had a chance to patch it out, therefore leaving millions of PC users vulnerable.
The search engine company advised consumers to take precautionary steps to protect their computers: “We encourage users to verify that auto-updaters have already updated Flash, to manually update if not, and to apply Windows patches from Microsoft when they become available for the Windows vulnerability.”
Microsoft isn't too happy about having been publicly outed. Terry Myerson, Microsoft’s executive vice president of Windows and devices group confirmed that Windows 10 Anniversary Update customers are not affected by the flaw and also criticised Google for making these details public knowledge: “We have coordinated with Google and Adobe to investigate this malicious campaign, and to create a patch for down-level versions of Windows. Many industry participants are now testing patches for all versions of Windows. We plan to release them publicly on the next update on Tuesday November 8th.
“We believe responsible technology industry participation puts the customer first, and requires coordinated vulnerability disclosure. Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk.”