Microsoft reverses legal threats against security researcher who disclosed 0-day vulnerability
By
Juha Saarinen
Summary
Microsoft has backed down from legal threats against a pseudonymous security researcher who disclosed a 0-day vulnerability, following backlash from the security community. The company stated it has no intention to pursue action against individuals conducting or publishing security research, marking a reversal of its earlier stance. The incident highlights ongoing tensions between tech companies and security researchers over responsible disclosure practices.
Source
Key quotes
· 2 pulledMicrosoft said it has 'no intention to pursue action against individuals conducting or publishing their security research'
The move by the tech giant came after backlash from the security community
You might also wanna read
Microsoft bans security researcher from GitHub after zero-day exploit posts; researcher threatens retaliation
A security researcher known as Nightmare-Eclipse (Chaotic Eclipse) has been banned from Microsoft's GitHub platform after allegedly posting
Microsoft bans security researcher from GitHub after zero-day exploit posts; researcher threatens retaliation
A security researcher known as Nightmare-Eclipse (Chaotic Eclipse) has been banned from Microsoft's GitHub platform after allegedly posting
Microsoft zero-day feud escalates as researcher threatens major exploit release on July 14
The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having
Microsoft zero-day feud escalates as researcher threatens major exploit release on July 14
The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having
Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday
An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker
Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday
An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker
Security Researcher Discovers Critical Data Vulnerability in Sports Insurer Portal, Faces Legal Threats Instead of Cooperation
A diving instructor and platform engineer discovers a critical security vulnerability in a sports insurer's portal during a dive trip, expos
Why the 90-day responsible disclosure policy is obsolete in the age of LLMs
The article argues that the traditional 90-day responsible disclosure window for security vulnerabilities is obsolete in the age of LLMs. Th
Himanshu Anand :: Threat Notes·1mo agoSecurity Researcher Discovers Vulnerability in Legal AI Platform Exposing 100k+ Confidential Files
A security researcher discovered a major vulnerability in Filevine, a billion-dollar legal AI platform, that exposed over 100,000 confidenti

Comments
Sign in to join the conversation.
No comments yet. Be the first.