Microsoft Took Nine Months To Fix Reported Flaw

Ever since Bill Gates launched the Trustworthy Computing strategy at Microsoft, the software company has done a good job of addressing security issues in a timely manner. Regular patching, complemented by out-of-cycle releases when critical issues are detected and resolved, is now commonplace. So when news broke that it took Microsoft nine months to fix a serious flaw, it was something of a surprise to me.

The flaw, officially designated CVE-2017-0199, allows a remote hacker to invisibly take control of a system. It was used, after being reported to Microsoft, by hackers to spy on third parties and as part of a toolkit deployed to steal banking details. Users from across the world were affected.

Reuters has looked into the matter and spoken with a number of experts from security firms and Microsoft, piecing together the story of why this flaw took so long to resolve and how it was used by threat actors.


    • Choice of image aside, I don’t see why the issue wouldn’t affect Macs using Boot Camp.

      Despite its advertising, Boot Camp is just an assistant and collection of drivers to help install and boot Windows.

      Other than that, the install of Windows is basically identical on non-Mac hardware thus is just as susceptible to the vulnerabilities.
