Thursday, March 28, 2024

Microsoft Not Happy With Internet Explorer Zero-Day Bug Announcement

Microsoft is not happy with a Google researcher who published a zero-day Internet Explorer vulnerability on January 1st. By using the cross_fuzz browser fuzzing tool of his own creation, Michal Zalewski found the vulnerability and says he gave Microsoft over 6 months to fix the bug before he published a note about it.


Microsoft, however, is now accusing Zalewski of putting thousands of IE users at risk, even though the company plans to release a fix this month anyway, as confirmed by Microsoft spokesperson Jerry Bryant.


According to Microsoft, they were unable to initially reproduce the problem using Zalewski’s tool until he updated it in December. Zalewski says he, and others, were able to reproduce the problem using both the original tool and the updated tool, and Microsoft only took notice once others posted that they, too, could reproduce the problem using the original tool.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Popular Articles

Featured