A Google employee has been criticized for deliberately released the source code that can exploit vulnerabilities that have the Windows platform.Tavis Ormandy, a Google employee, received criticism from many people, for spreading malicious programs for computers Windows XP and Windows Server 2003.
As quoted from The Register, the hole was found on the Internet Explorer browser but it works well in other browsers. In fact, this hole can be more quickly infect when the user is being turned on Windows Media Player.
This flaw was discovered by Ormandy, the Windows Help Centre. Hole located on the Help (Help), which uses a white list (white list) contains web pages that are allowed to be accessed.
The problem with the white list, allowing a person to add URL links that can lead users to malicious pages, to the list, white list it.
Step Ormandy releasing malicious code that could infect Windows systems that, taken just five days after he reported it to the vulnerabilities of Microsoft.
Generally, when receiving reports of security vulnerabilities, Microsoft will respond to and prepare a patch against the hole.
Later Ormandy not think Microsoft will issue patches, as expected.
Accordingly, then he deliberately distribute software code that could exploit these vulnerabilities. All with the goal of keeping Microsoft's attention to the notification from him.
However, the action Ormandy sharp criticism because he is an employee of Google, which is the main rival Microsoft.
0 komentar:
Post a Comment