Microsoft Criticized For Removing Exchange Exploit From GitHub
"Microsoft-owned GitHub has removed a proof-of-concept (PoC) exploit for critical ProxyLogon bugs in Microsoft Exchange, causing a backlash from security researchers," reports Inside.com's Developer newsletter: The exploit has recently led to infections of as many as 100,000 servers. Microsoft rushed out patches last week for the vulnerabilities in response to a number of Chinese groups exploiting the bugs. "This is huge, removing a security researcher's code from GitHub against their own product and which has already been patched. This is not good," Dave Kennedy, founder of TrustedSec, tweeted. "It's unfortunate that there's no way to share research and tools with professionals without also sharing them with attackers, but many people (like me) believe the benefits outweigh the risks," tweeted Tavis Ormandy, a member of Google's Project Zero.
from Slashdot https://ift.tt/2Q1Rnsw
Read more of this story at Slashdot.
from Slashdot https://ift.tt/2Q1Rnsw
Related Posts :
Patched Windows Bug Was Actually a Dangerous Wormable Code-Execution Vulnerability- FSF Warns: Stay Away From iPhones, Amazon, Netflix, and Music Steaming Services
- Did YouTube Pay Too Much to Broadcast Sunday Football Games?
- Linux Kernel Security Bug Allows Remote Code Execution for Authenticated Remote Users
- Microsoft Employee Accidentally Announces That Notepad is Getting Tabs in Windows 11
0 Response to "Microsoft Criticized For Removing Exchange Exploit From GitHub"
Post a Comment