| You know who sounds really petty though? The whiners taking Microsoft's side despite them missing the bug in the first place and sleeping on the report, and now attacking the person who reported it. > They're patching it, but not on this person's schedule so he's causing microsoft and USERS problems they didn't have before. Not in the slightest. You do not understand how the internet works. The vulnerable systems were vulnerable yesterday, and are vulnerable today because MS didn't think it was worth hurrying to patch them. Users' harm was caused by Microsoft who gave them a broken product, and by any hypothetical hackers, not by a security researcher telling the public what the hackers probably already knew. Microsoft had a chance to release an emergency bulletin as soon as they were informed of the vuln, with mitigation steps. (ie, block SMB, etc) They didn't, and in fact spent time recommending useless things (Win10, Edge) that only serve to slander competitors by implication, and pimp more of their products. Microsoft needs the understand that the new timeframe for releasing mitigations, if not patches, is closer to 24h than 24 days. But even if they hit that metric, they don't deserve any fanfare until they do it without lying or misdirecting. Downvoters: RTFA - The Microsoft reports are intentionally misleading wrt. steps customers need to follow to be safe, and they claim to be better that their competitors (Apple, etc) in this regard despite obvious and consistent proof to the contrary. Microsoft is responding to security concerns with marketing speak, and they're knowingly setting their customers up for catastrophic data loss or hacks by recommending useless fixes. |
> Downvoters: RTFA
These things break the HN guidelines. Please (re-)read them and post civilly and substantively, or not at all:
https://news.ycombinator.com/newsguidelines.html
https://news.ycombinator.com/newswelcome.html