When disclosure is responsible

What originally appeared to be one of the most damaging releases in recent memory of “zero-day” exploits, or hacking tools that take advantage of previously unknown software vulnerabilities, fell from the sky with the shrieking ferocity of a MOAB bomb and landed with the soft thud of a dud.

via Microsoft’s Quiet Patch of Shadow Broker NSA-Hacks Signals Policy Win | Fortune.com

So it appears as if Microsoft was able to patch most of the shadow brokers hacks a few weeks prior to the release.

It’s a good example of co-ordinated vulnerability disclosure and patching. In a world where it appears that anyone who discovers a vulnerability wants public recognition and immediate fixes, it’s a refreshing change.

%d bloggers like this: