Microsoft has hit out at Google after one of the search giant's engineers released a full description of a vulnerability in the Windows Help and Support Center function for Windows XP and Windows Server 2003, complete with exploit code.
The software company, along with several other security firms, said that although the information was helpful, irresponsible disclosure of vulnerabilities over the web could provide information useful to hackers in attempting to exploit the vulnerabilities.
Google engineer Tavis Ormandy posted a document detailing the vulnerability in Windows XP, explicitly explaining how an attack exploiting the vulnerability could be carried out by hackers.
Oblivious to the criticism, he said: “I would like to point out that if I had reported (the issue) without a working exploit, I would have been ignored. This document contains my own opinions. I do not speak for or represent anyone but myself.”