Ever since Bill Gates launched the Trustworthy Computing strategy at Microsoft, the software company has done a good job at addressing security issues in a timely manner. Regular patching, complemented by out-of-cycle releases when critical issues are detected and resolved are now commonplace. So when news broke that it took Microsoft nine months to fix a serous flaw, it was something of a surprise to me.
The flaw, officially designated CVE-2017-0199, allows a remote hacker to invisibly take control of a system. It was used, after being reported to Microsoft, by hackers to spy on third parties and as part of a toolkit deployed to steal banking details. Users from across the world were affected.
Reuters has looked into the matter and spoken with a number of experts from security firms and Microsoft, piecing together story of why this flaw took so long to resolve and how it was used by threat actors.
Comments
3 responses to “Microsoft Took Nine Months To Fix Reported Flaw”
I don’t know what is sadder; it took Microsoft 9 months to fix this or that turn around *still* being faster than Apple in the past?
Why is a Macbook image used for a Microsoft article? Was this bug seriously affecting Macbooks running bootcamp in particular or something?
Choice of image aside, I don’t see why the issue wouldn’t affect Macs using boot camp.
Despite it’s advertising, Boot Camp is just an assistant and collection of drivers to help install and boo Windows.
Other than that, the install of Windows is basically identical on non-Mac hardware thus is just as susceptible to the vulnerabilities.
I think it was a crApple user that developed the exploit to steal funds to maintain his hipster beard.