Welcome to Your Daily Spot! Support us and become a Pro.
  Your Daily Spot
  Your Daily Spot
  • Hub
    • Animes
    • Cartoons
    • Tech
  • Apps
  • Video Games
    • Action
    • First-Person Shooter >
      • Call Of Duty Tips & Tricks
      • Destiny
      • Call of Duty®: Advance Warfare
      • Counter Strike >
        • CS:GO Video
    • Racing
    • Simulation
    • Sports
    • Strategy
    • Online Games >
      • MapleStory
    • Vainglory >
      • Find Allies
      • ShinKaigan
  • News
    • Apple
    • Entertainment
    • Gaming
    • Tech
  • About Us
    • Blog
    • Partners >
      • Apply
  • Contact
    • Team
    • Discord
  • Upcoming
  • Deals
  • Pro

Headline of The day!

Google publishes Windows vulnerability despite no fix from Microsoft

1/3/2015

Comments

 
Picture
Google has openly published a Windows 8.1 vulnerability that allows low-level users to gain administrator privileges. The security flaw was revealed earlier this week despite one big problem: there's still no fix from Microsoft. As such, the elevated privileges vulnerability remains a legitimate threat to some Windows customers. Google says it gave Redmond plenty of time to address the problem before the code went public on December 29th. It's been 90 days since the security hole was filed as part of Google's Project Zero initiative, which is dedicated to uncovering weaknesses in software before hackers can exploit them. Microsoft was told about the issue on September 30th, but so far hasn't managed to resolve it with a Windows software update.
For its part, Google maintains that 90 days should be enough for Microsoft or anyone else in the industry to fix what's broken. "On balance, Project Zero believes that disclosure deadlines are currently the optimal approach for user security — it allows software vendors a fair and reasonable length of time to exercise their vulnerability management process, while also respecting the rights of users to learn and understand the risks they face," the company told Engadget.

But in the same breath, Google made sure to note that it will be "monitoring the affects of this policy very closely," noting that "initial results have shown that the majority of the bugs that we have reported under the disclosure deadline get fixed under deadline, which is a testament to the hard work of the vendors."

And while Microsoft's "hard work" may be a bit sluggish, the company says a fix for the now-public vulnerability is on the way. As its own statement notes, most users probably don't need to worry about this threat since would-be attackers must have valid login credentials and access to the very machine they're targeting. So it's not really a high priority concern for home users, though enterprise IT workers may want to be on the lookout until a fix is delivered.
Source
Comments
comments powered by Disqus

    Headlines


    Picture
    Instagram launches redesigned app and icon
    Picture
    Warner Bros. will release 35 4K Blu-ray movies this year in glorious HDR
    Picture
    Samsung's new Tizen-powered remote could rule your smart home
    Picture
    FAA announces drone owners must register by February 19th, 2016

    Archives

    May 2016
    January 2016
    December 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014

    Categories

    All
    4K
    5K
    Anime
    Apple
    Apple Music
    Apple Watch
    Apps
    Entertainment
    Ferrari
    Funny Videos
    Gear S
    Google
    Headline
    HP
    IMac
    IOS
    IPad
    IPhone
    Lamboghini
    Microsoft
    Nexus
    Nokia
    OS X
    Pranks
    Samsung
    Samsung Galaxy
    Sony
    Tech
    Tech Toys
    TV
    Video Games
    Vizio
    Windows 10
    Xiaomi

Copyright © 2014-2016 Your Daily Spot. All Rights Reserved.
v2.1.4 August 11, 2015
Terms of Service
Sitemap