Security Advisor

Microsoft Kicks Out Partner for Leak

Microsoft doesn't like it when you divulge information that you shouldn't be divulging. Especially if it puts millions of users in harm's way of hackers' nasty tricks.

Remember when Microsoft proof-of-concept code on a nasty RDP exploit made it online ahead of the fix? If not, here's the original story from March.

Microsoft wasn't going to take this breach of trust laying down and vowed to find the culprit responsible. Apparently, it has.

In a Microsoft Security Response Center blog, the company announced that the leak came from China-based Hangzhou DPTech Technologies Co., and that the guilty company's services would no longer be needed in the Microsoft Active Protections Program (MAPP).

Also, Microsoft will be changing the secret handshake that allows entry into the clubhouse.

"Additionally, starting with our May release, we strengthened existing controls and took actions to better protect our information," said Yunsun Wee, director of Microsoft Trustworthy Computing. "We believe that these enhancements will better protect our information, while furthering customer protection by aiding partners developing active protections."

I guess that means little information was provided to Hangzhou DPTech Technologies on May's seven security bulletin items (that's how you do a seamless transition!).

And since someone brought it up, this month's security update, released yesterday, combats quite a few remote code execution flaws -- five of the seven bulletins battle this type of exploit.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

  • Most Microsoft Retail Locations To Shut Down

    Microsoft is pivoting its retail operations to focus more on online sales, a plan that would mean the closing of most physical Microsoft Store locations.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.