Skip to main content

Microssoft Denies 'Zero-Day' Flaw Has Been Exploited

Microsoft has said that it is still reviewing the 'zero-day' vulnerability discovered by security consultant Secunia, but that attacks that exploit the flaw have not yet been spotted in the wild.

The bug is related to a buffer overflow vulnerability in Windows XP and 2000.

In a statement, Jerry Bryant of Microsoft's response center, said: “We're currently unaware of any attacks trying to use the claimed vulnerability, or of customer impact. Once we're done investigating, we will take appropriate action to help protect customers.”

The bug was reported on the same day a group of angry security researchers publicly disclosed the detailed account of a Windows zero-day vulnerability in protest against the ill treatment of security professionals by IT companies.

The researchers also announced the creation of the Microsoft-Spurned Researcher Collective, a pun on Microsoft's MRSC (Microsoft Security Response Centre).

The collective is a group of anonymous security experts collaborating to offer support to fellow researchers who have been ill-treated by IT firms.