Microsoft has hit out at Google for publishing details of a Windows vulnerability before they had a patch ready. The company says that Google’s actions have made “customers the ones who may suffer as a result”.
Microsoft says that Google’s ‘Project Zero’ could be jeopardising the security of Windows users.
“Specifically, we asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix. Although following through keeps to Google’s announced timeline for disclosure, the decision feels less like principles and more like a “gotcha”, with customers the ones who may suffer as a result. What’s right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal.”
With Project Zero, Google gives software companies 90 days to create a fix for any vulnerabilities before they publish details of them. Obviously in this case, Microsoft didn’t do anything about it, but now they say that they were indeed prepping a fix.
What do you think? Was Google right to do this?
Source: The Verge