Microsoft Stands Firm on Public Disclosure Policy as Risk of Zero-Day Vulnerabilities Multiplies
The researcher asserts that they approached Microsoft privately with the zero-day vulnerabilities ahead of their public disclosure, but the company was not interested in listening to them. Microsoft, in turn, has said that the researcher’s actions are “unacceptable” and even “criminal” in providing attackers with a road map to immediate use of the vulnerabilities.