MICROSOFT has condemned security researchers for releasing information about six unpatched vulnerabilities in its products, which it claims puts customers at risk. The vulnerabilities include various privilege escalation and denial-of-service flaws. Microsoft advocates for coordinated vulnerability disclosure (CVD), which allows companies to prepare patches before vulnerabilities are made public. The company emphasizes the importance of responsible disclosures to protect its customers.
Additionally, there is a growing concern in the cybersecurity community about adapting the traditional 90-day disclosure rule to keep pace with rapid advancements in AI technology.