1it enterprise

Microsoft & Google Clash Over Vulnerability Revelation

1it enterpriseMicrosoft and Google are in a clash regarding the issue of a vulnerability disclosure. After allowing a ten-day window for Microsoft to warn the users about the critical flaw in Windows Google has disclosed it by itself. Google said Microsoft was yet to issue an advisory or circulate a fix about the software flaw in the security blog where it posted about the zero-day vulnerability. Google believe this vulnerability to be particularly serious, as it has been exploited actively. It lets hackers abuse a glitch in the Windows kernel, via a win32k.sys system call, to dodge the security sandbox. For Microsoft to fix the problem first Google waited for 10 days after informing Microsoft on October 21.


Google has a policy of giving vendors only seven days to either issue a warning or publish a patch about the glitch. The company agreed to the fact that the seven days’ time is not enough for some vendors to go through the update but the company said it is enough time to publish advice about possible mitigations. Microsoft said in an email on Monday today’s disclosure could put users at risk and they believe in coordinated vulnerability disclosure. Though over disagreeing over disclosing a vulnerability this is not the first time for the two companies.


leave a reply


2950 North Loop West Suite 500 Houston TX – 77092

+1 (832) 426-2567



Level 2, Prestige Omega, No. 104, EPIP Zone, Whitefield Bangalore – 560066 Karnataka

+91 70226 09430



1IT Enterprise a Technology Magazine which is focused on bridging the gap between Enterprises World and the insights based on success stories of established entrepreneurs.

Follow Us

Back to Top