Honestly this (excuse the vulgar parable) pissing match between Google & Microsoft is leaving businesses as well as users not only soaking wet, but also potentially humiliated in front of hackers world wide!
Reading Engadget’s article, one would assume Google preemptively exposed an Windows 8.1 security flaw to the world without giving Microsoft enough time to issue a patch.
However it appears Microsoft either procrastinated issuing an immediate patch or lacked the resources to quickly resolve the security exploit.
Google made the latest disclosure as part of its “Project Zero” security initiative, which provides companies a 90-day deadline to fix vulnerabilities before they are disclosed publicly, giving hackers key details to exploit the bug. In this case, the flaw in the Windows 8.1 log-on mechanism would allow an attacker to escalate their privileges on a user’s computer, effectively taking over the machine. (Via Geek Wire)
Microsoft (for reasons unknown) needed 92 days to fix this exploit, so they are not surprisingly enraged at Google for not extending them grace & mercy for an extra 48 hours.
While geek lovers & haters will once again debate which tech giant was irresponsible in this scenario, it would be better for businesses & users if Google would help Microsoft fix exploits faster!
Even if Google billed Microsoft for resolving the exploit (as the latter can afford it), it would be better than this current fragmented approach of fix glitches or prepared to be shamed approach (which only benefits black hat hackers).
Image via: Brian Waving
