Microsoft is quite disgusted with Google for disclosing a 90 day old vulnerability in Windows 8.1 just a couple of days before the Redmond based tech giant was about to fix the bug.
Google just revealed this bug on the 11th of January stating that the flaw allowed non privileged users to elevate their rights to administrator level especially during the Windows 8.1 login process.
This wasn’t the first revelation by Google in terms of Windows 8.1. The company reported a nasty takedown of Windows 8.1 in September then revealing it on December the 30th.
Google took the above steps in accordance with its own policies, which states that the tech giant reveal flaws 90 days after it reports them to vendors. In this case, the flaw was first reported to Microsoft on 30th October.
Microsoft says that Google acted quite irresponsibly because the company not only planned a solution for the problem on January 13th but also asked Google not to go public until that day.
Microsoft’s senior director for trustworthy computing Chris Betz wrote “Specifically, we asked Google to work with us to protect customers by withholding details until Tuesday, January 13, when we will be releasing a fix.”
He added that “Google’s 90 day disclosure policy feels less like principles and more like a ‘gotcha’, with customers the ones who may suffer as a result.”
“Google needs to understand that what’s right for them may not always be right for the customers.”
Betz also called on the Mountain View based tech giant along with others to sign up to Redmond’s Coordinated Vulnerability Disclosure policy.