Microsoft angry at Google over bug report

Google announced details of Windows bug before Microsoft released patch to fix it

Tags: Google IncorporatedMicrosoft Corporation
  • E-Mail
Microsoft angry at Google over bug report Microsoft reacted angrily when Google posted details of the bug online before a patch to fix the issue was released. (Peteri/Shutterstock.com)
By  Helen Gaskell Published  January 13, 2015

Google has been criticised by Microsoft after the search engine publicised a security flaw in Windows.

According to online reports, Microsoft reacted angrily when Google posted details of the bug online before a patch to fix the issue was released. Announcing the bug is said to have put some users at risk.

"I feel sorry for the users, who could be impacted by Google's schoolyard antics," tweeted expert Graham Cluley, who noted the company had been criticised for similar behaviour in the past.

"Google was wrong with what they did," wrote one developer.

"They don't have all of the OS code so they have no idea how much other code would have to be rewritten to correct the problem.

The disclosure was part of Google's Project Zero initiative, which seeks to find bugs in popular software and then give the manufacturers responsible 90 days to fix the problem.

This bug, which affects Windows 8.1, was revealed by Google to Microsoft on 13 October 2014. On 11 January, Google publicised the flaw.

Microsoft said it had requested that Google wait until it released a patch on 13 January: "We asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix," Microsoft's senior director of research Chris Betz said in a blog post.

"Although following through keeps to Google's announced timeline for disclosure, the decision feels less like principles and more like a 'gotcha', with customers the ones who may suffer as a result.

"What's right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal."

624 days ago
Vassilis Prevelakis

Don't shoot the messenger.

If you write buggy software, then you are to blame, not the guy who discovers the problem and sounds the alarm.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code