Microsoft is facing scrutiny over its management of zero-day exploits. An individual known as Nightmare Eclipse has been publicly sharing proof-of-concept exploit code and is reportedly a disgruntled former employee. Cybersecurity researcher Kevin Beaumont noted Microsoft's response to the situation. Microsoft has indicated it may pursue legal action against Nightmare Eclipse for not adhering to 'proper coordination' in disclosing vulnerabilities. Additionally, the company has disabled Nightmare Eclipse's accounts on GitHub, GitLab, and the Microsoft Security Response Center.
Microsoft considers legal action regarding exploit disclosures
Microsoft is under criticism for its approach to zero-day exploits, particularly in relation to an individual named Nightmare Eclipse, who has shared exploit code online. The company is considering legal action against this individual for alleged improper disclosure of vulnerabilities and has disabled their accounts on multiple platforms.
No note attached
on this article.
Original vs. Neutral
Microsoft is threatening legal action for disclosing exploits
Microsoft considers legal action regarding exploit disclosures