A rivalry between corporations is nothing new and is a vital motivator to have this marketplace competitive. Although some companies make it restricted to light banter and making fun of their total competitor’s products, Google and Microsoft seem to have taken this several notches. Both companies possess a good revealing security flaws in each others’ products, which time, that it was Google that public revealed a burglar flaw in the Microsoft Edge browser. It isn’t the first time that Google described flaws while in the Edge browser, with another exploit being reported in November.
After making the exploit public, Google provided Microsoft with a 90-day grace period to get a fix available for its monthly Patch due for release in February. But Microsoft missed this goal as the fix is far more complex than initially anticipated by Microsoft. It\’s uncertain in respect of when Microsoft will have a fix available, given its complexity.
RelatedGoogle Confirms That Pixel 2 XL’s Proximity Sensor Difficulty is Fixed; Will Roll Update Out For Users In Coming Months
Tensions planning to rise between the two software giants
The public disclosure will likely increase tensions between the two companies. Microsoft hit back at Google\’s method to security patches last October, after discovering a Chrome flaw and disclosed it to Google from a discreet way, so that the Google had enough time to patch it. The exploit seemed to be around quite some time, given Google\’s policy to publicly disclose a flaw after 90 days with out a patch being presented to fix it.
There are, however, exceptions to the rule and Google can also disclose much sooner if your vulnerability is it being actively exploited. Google revealed a primary Windows bug back in 2016 just ten days after reporting it to Microsoft. Google has the benefit of revealed zero-day bugs in Windows previously before patches are offered.
While it’s good that security flaws are increasingly being reported the instant they’re discovered, publicly revealing one before the affected company includes a an opportunity to remedy it can do more damage than good. The recently discovered flaw just isn\’t as critical as most of the past disclosures, but publicly revealing this could end in it being exploited, knowing that a patch isn’t due for a time.
Source: The Verge