Microsoft Kicks Out Partner for Leak
Microsoft doesn't like it when you divulge information that you shouldn't be divulging. Especially if it puts millions of users in harm's way of hackers' nasty tricks.
Remember when Microsoft proof-of-concept code on a nasty RDP exploit made it online ahead of the fix? If not, here's the original story from March.
Microsoft wasn't going to take this breach of trust laying down and vowed to find the culprit responsible. Apparently, it has.
In a Microsoft Security Response Center blog, the company announced that the leak came from China-based Hangzhou DPTech Technologies Co., and that the guilty company's services would no longer be needed in the Microsoft Active Protections Program (MAPP).
Also, Microsoft will be changing the secret handshake that allows entry into the clubhouse.
"Additionally, starting with our May release, we strengthened existing controls and took actions to better protect our information," said Yunsun Wee, director of Microsoft Trustworthy Computing. "We believe that these enhancements will better protect our information, while furthering customer protection by aiding partners developing active protections."
I guess that means little information was provided to Hangzhou DPTech Technologies on May's seven security bulletin items (that's how you do a seamless transition!).
And since someone brought it up, this month's security update, released yesterday, combats quite a few remote code execution flaws -- five of the seven bulletins battle this type of exploit.