Microsoft Patches Flaw Found By Google Researcher

Microsoft has announced that it will be releasing four 'Patch Tuesday' security updates, including a fix for the Microsoft Help and Support Centre vulnerability disclosed by Google researcher Tavis Ormandy.

Ormandy had publicly released the details of the vulnerability after Microsoft had reportedly refused the address the issue. His action came in for fierce criticism from the company, which accused him of irresponsibly disclosing the details of the bug, leading hackers to exploit the vulnerability in thousands of Windows XP systems.

Microsoft claims that it was in the process of examining the vulnerability when Ormandy published it.

In a statement, Microsoft's Jerry Bryant had said: “We were in the early phases of investigation when details on this issue were publicly released on 9 June.”

A number of security researchers have come to Ormandy's defence, releasing the details of yet more Windows vulnerabilities and forming the Microsoft-Spurned Researcher Collective (MSRC), in order to protest the ill treatment of security researchers by Microsoft.