Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Of course Microsoft knew (Score 3, Insightful) 123

by s0446 (#41439449) Attached to: Did Microsoft Know About the IE Zero-Day Flaw In Advance?
I work in the field and can say there's tons of researchers who submit these flaws. Not all of them can be fixed instantly, and in some instances (like this) fixing them could actually create hints for hackers to use and exploit. That's why it's often better to be silent about them and make a fix ready in case they are publicly exploited. One of the worst case scenarios is if you patch something with huge notes about it and the hackers find out about the flaw that way.

And the bad hackers? They submit these to competitors like Google who then "leak" the news about competitors flaw.

"If it ain't broke, don't fix it." - Bert Lantz