Microsoft Not Happy With Internet Explorer Zero-Day Bug Announcement

By HTMLGoodies Staff

Microsoft is not happy with a Google researcher who published a zero-day Internet Explorer vulnerability on January 1st. By using the cross_fuzz browser fuzzing tool of his own creation, Michal Zalewski found the vulnerability and says he gave Microsoft over 6 months to fix the bug before he published a note about it.

Microsoft, however, is now accusing Zalewski of putting thousands of IE users at risk, even though the company plans to release a fix this month anyway, as confirmed by Microsoft spokesperson Jerry Bryant.

According to Microsoft, they were unable to initially reproduce the problem using Zalewski's tool until he updated it in December. Zalewski says he, and others, were able to reproduce the problem using both the original tool and the updated tool, and Microsoft only took notice once others posted that they, too, could reproduce the problem using the original tool.

View Full Article

Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
Thanks for your registration, follow us on our social networks to keep up-to-date