Security Advisor

Microsoft Kicks Out Partner for Leak

Microsoft doesn't like it when you divulge information that you shouldn't be divulging. Especially if it puts millions of users in harm's way of hackers' nasty tricks.

Remember when Microsoft proof-of-concept code on a nasty RDP exploit made it online ahead of the fix? If not, here's the original story from March.

Microsoft wasn't going to take this breach of trust laying down and vowed to find the culprit responsible. Apparently, it has.

In a Microsoft Security Response Center blog, the company announced that the leak came from China-based Hangzhou DPTech Technologies Co., and that the guilty company's services would no longer be needed in the Microsoft Active Protections Program (MAPP).

Also, Microsoft will be changing the secret handshake that allows entry into the clubhouse.

"Additionally, starting with our May release, we strengthened existing controls and took actions to better protect our information," said Yunsun Wee, director of Microsoft Trustworthy Computing. "We believe that these enhancements will better protect our information, while furthering customer protection by aiding partners developing active protections."

I guess that means little information was provided to Hangzhou DPTech Technologies on May's seven security bulletin items (that's how you do a seamless transition!).

And since someone brought it up, this month's security update, released yesterday, combats quite a few remote code execution flaws -- five of the seven bulletins battle this type of exploit.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Exchange Server June Cumulative Updates Arrive, but with Red Tape

    Microsoft released its quarterly cumulative updates (CUs) for Exchange Server 2013, 2016 and 2019 products this week, but added an extra step for IT pros to consider before installing them.

  • Moving an Old VM to a New Hyper-V Host

    So you want to know whether a Hyper-V virtual machine built on a legacy host will be supported by a newer server? There's a PowerShell command for that.

  • AI-Driven Solution Tracks Packets Through the Datacenter

    Datacenter solutions vendor Kaloom this week unveiled a new offering the company says will enable the development of "self-driving" datacenter networks.

  • Microsoft Previews Azure Bastion Service for Private VM Access

    Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.