VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Microsoft on risks of public zero‑day disclosures after researcher account deletion

Microsoft — о рисках публичных раскрытий нулевых дней после удаления аккаунта исследователя

Colleagues, a note for cybersecurity professionals: Microsoft criticised public disclosures of several zero‑days following deletion of a researcher's account.

What happened: Chaotic Eclipse published details of Windows vulnerabilities (BlueHammer, RedSun, UnDefend, YellowKey, etc.). Microsoft says it received no prior notification.

Consequences: some flaws are already exploited; PoC code appeared on GitHub and GitLab.

Actions: GitHub removed the researcher's account; Microsoft urges Coordinated Vulnerability Disclosure and issues patches.

Why it matters: public PoCs accelerate abuse and increase customer risk.

Do you consider current coordination mechanisms and platform responses adequate?

#cybersecurity #vulnerabilities #CVD #Microsoft

Latest comments

No comments yet.