Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft IDs Chinese partner as source of leaked Windows exploit


  • Please log in to reply
2 replies to this topic

#1 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:05:19 AM

Posted 04 May 2012 - 01:57 PM

http://www.infoworld.com/d/security/microsoft-ids-chinese-partner-source-of-leaked-windows-exploit-192433?source=rss_security

"During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member ... Hangzhou DPTech Technologies Co., Ltd., had breached our non-disclosure agreement (NDA)," Yunsun Wee, director of Microsoft's Trustworthy Computing group, wrote in a post to a company blog. "Microsoft takes breaches of our NDAs very seriously and has removed this partner from the MAPP Program."

snip

Microsoft launched its investigation in mid-March after Italian security researcher Luigi Auriemma said code in an exploit circulating on a Chinese website was identical to what he had provided HP TippingPoint's bug bounty program to qualify for a reward.

Auriemma had uncovered a vulnerability in Windows' Remote Desktop Protocol (RDP) in May 2011, then reported it to TippingPoint. His code was used by the Zero Day Initiative to create a working exploit as part of the bounty program's bug verification work. ZDI passed along the exploit and other information about the RDP vulnerability to Microsoft.


Edited by Union_Thug, 04 May 2012 - 02:00 PM.


BC AdBot (Login to Remove)

 


#2 Required Field

Required Field

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:19 AM

Posted 08 May 2012 - 11:50 AM

Talk about abusing someone's trust...
"Most quotes attributed to famous people on the internet are fake." -Abraham Lincoln

#3 Nawtheasta

Nawtheasta

  • Members
  • 403 posts
  • OFFLINE
  •  
  • Location:New England, USA
  • Local time:05:19 AM

Posted 10 May 2012 - 02:56 PM

At some point we may wake up to the fact that the government of China is not our friend.
We are nothing more to them then a convenient avenue to gain knowledge and manufacturing abilities without the need to start from scratch.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users