Lawrence Gaffié, security researcher, revealed earlier this week last proof of the existence of a critical flaw in Windows 7 and Windows Server 2008. What Microsoft has quickly criticized, although the publisher of these operating systems recognizes the existence of this vulnerability and confirms that its engineers are currently working on a fix. Note that if this flaw is exploited, it can cause a denial of service on a vulnerable computer.

However, according to Microsoft, this vulnerability does not take control of a remote computer or execute malicious code. To say this, Microsoft says no attack exploiting this flaw has for the moment, been saved. This does not prevent Microsoft is rife as to the method of disclosure of the flaw chosen by Laurent Gaffié which, according to publisher, is needlessly endanger users of OS involved.

The benefits of full-disclosure

Microsoft said this title to all the specialists that focus on its operating systems that can directly report the discovery of a flaw without alerting the media so that a patch can be developed without endangering users. We recall however that if some people like Laurent Gaffié, publicly reveal these flaws, it is precisely to force Microsoft to respond quickly and to publish in the emergency patch...

Lawrence Gaffié, security researcher, revealed earlier this week last proof of the existence of a critical flaw in Windows 7 and Windows Server 2008. What Microsoft has quickly criticized, although the publisher of these operating systems recognizes the existence of this vulnerability and confirms that its engineers are currently working on a fix. Note that if this flaw is exploited, it can cause a denial of service on a vulnerable computer.

However, according to Microsoft, this vulnerability does not take control of a remote computer or execute malicious code. To say this, Microsoft says no attack exploiting this flaw has for the moment, been saved. This does not prevent Microsoft is rife as to the method of disclosure of the flaw chosen by Laurent Gaffié which, according to publisher, is needlessly endanger users of OS involved.

The benefits of full-disclosure

Microsoft said this title to all the specialists that focus on its operating systems that can directly report the discovery of a flaw without alerting the media so that a patch can be developed without endangering users. We recall however that if some people like Laurent Gaffié, publicly reveal these flaws, it is precisely to force Microsoft to respond quickly and to publish in the emergency patch ...

In this article, we return to the problems faced by Microsoft vis-à-vis one of its utilities to install Windows 7 from a USB key, which obviously does not respect the GPL. Today we wind progress of this case and we learn that finally, the utility "Windows 7 USB / DVD Download Tool" will be back online in the coming days on the Microsoft Store, but now under GPL V2 .

An unintentional error

Fears had been firm in Redmond have thus proven legitimate, and the investigation quickly led internally led to this solution. Microsoft has confirmed that the utility in question contains many source code available under GPL. And Peter Galli, head of open source at Microsoft, said the violation was not intentional on his blog.