The rivalry between Microsoft and Google has spread to the realm of software bugs.
For the second time in a few weeks, Google security researchers posted details about a Windows security flaw before Microsoft fixed the bug. Microsoft didn’t publicly reply to Google after the first case.
But after Google detailed another security vulnerability Sunday, two days before Microsoft’s release of its regular slate of software fixes, a Microsoft official accused the Mountain View, Calif., company of trying to embarrass Microsoft rather than protect customers.
Google’s “Project Zero,” its security unit dedicated to finding and exposing bugs, on Sunday revealed a Windows 8.1 security flaw that can allow low-level users of a network to gain administrator privileges and access sensitive functions.
Google says it follows a consistent formula with its security efforts. Once researchers discover a flaw, they alert the company whose software is involved, and give them 90 days to fix the error before Google makes the bug public (along with code that could allow people to exploit it).More