Latest


Microsoft faces backlash over irresponsible security practices

  •   Fri, Aug 04 2023 12:49:11 PM

New Delhi, Aug 4 (IANS): Microsoft is facing mounting criticism for their lack of transparency and irresponsible security practices.

In a blog post, Amit Yoran, the CEO of the cybersecurity company Tenable, said Microsoft’s cybersecurity track record is “even worse than you think”.

Tenable Research discovered a critical flaw in Microsoft's Azure platform in March, allowing unauthorised access to steal sensitive data.

Microsoft was also made aware of the vulnerability, but it took them more than 90 days to release a patch.

The cybersecurity firm claimed that this security flaw has exposed several customers, including a bank, to cyberattacks.

Cloud providers use a shared responsibility model, which is harmed when vendors fail to notify customers about issues as they arise and apply fixes as soon as possible.

"Last week, Senator Ron Wyden sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Justice and the Federal Trade Commission (FTC) asking that they hold Microsoft accountable for a repeated pattern of negligent cybersecurity practices, which has enabled Chinese espionage against the US government," Yoran said.

The CEO further said that Microsoft plans to fix the problem by the end of September, but the delay is "grossly irresponsible, if not blatantly negligent".

He also pointed out data from Google's Project Zero, which showed that Microsoft products have accounted for 42.5 per cent of all discovered zero-day vulnerabilities since 2014.

Responding to Yoran's criticism, Microsoft told The Verge: "We appreciate the collaboration with the security community to responsibly disclose product issues. We follow an extensive process involving a thorough investigation, update development for all versions of affected products, and compatibility testing among other operating systems and applications.

"Ultimately, developing a security update is a delicate balance between timeliness and quality, while ensuring maximised customer protection with minimised customer disruption."

Meanwhile, Microsoft took the top spot in the second quarter (Q2) of 2023 as the most impersonated brand for phishing scams, according to the report by Check Point Research.

It climbed up the rankings last quarter, moving from third place in Q1 2023 to the top spot in Q2.

The tech giant accounted for 29 per cent of all brand phishing attempts.

 
  

Top Stories


Leave a Comment

Title: Microsoft faces backlash over irresponsible security practices



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like