Security Advisor

Microsoft Kicks Out Partner for Leak

Microsoft doesn't like it when you divulge information that you shouldn't be divulging. Especially if it puts millions of users in harm's way of hackers' nasty tricks.

Remember when Microsoft proof-of-concept code on a nasty RDP exploit made it online ahead of the fix? If not, here's the original story from March.

Microsoft wasn't going to take this breach of trust laying down and vowed to find the culprit responsible. Apparently, it has.

In a Microsoft Security Response Center blog, the company announced that the leak came from China-based Hangzhou DPTech Technologies Co., and that the guilty company's services would no longer be needed in the Microsoft Active Protections Program (MAPP).

Also, Microsoft will be changing the secret handshake that allows entry into the clubhouse.

"Additionally, starting with our May release, we strengthened existing controls and took actions to better protect our information," said Yunsun Wee, director of Microsoft Trustworthy Computing. "We believe that these enhancements will better protect our information, while furthering customer protection by aiding partners developing active protections."

I guess that means little information was provided to Hangzhou DPTech Technologies on May's seven security bulletin items (that's how you do a seamless transition!).

And since someone brought it up, this month's security update, released yesterday, combats quite a few remote code execution flaws -- five of the seven bulletins battle this type of exploit.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.