Google Researcher Publishes Windows 10 Zero-Day Security Vulnerability

A security researcher who is part of Google’s “Project Zero” team tasked with hunting down zero-day vulnerabilities, has gone public with an exploitable Windows vulnerability that Microsoft is still in the process of fixing. Tavis Ormandy has tweeted that he had uncovered a security issue with the core cryptographic library for Windows, revealing that, “Microsoft committed to fixing it in 90 days, then didn’t.” However, returning to this Microsoft Windows problem, the argument can be made that the Project Zero 90 day deadline is plenty of time for a well-resourced organization of this size to both effect a fix and apply all the testing that is required to ensure it works without impacting users in other ways.

Source: www.forbes.com