Microsoft and Google will never be best friends. However, Google’s actions stained the reputation of its contender last year. In 2016, Google informed the public over a major Windows bug. Microsoft in its turn was still working on a fix when the news broke loose. The event that caught Microsoft off guard was added to the bitterness that exists between the two companies.
Microsoft Earned $15,837 for Fixing Bugs for Chrome
On Wednesday, the security team over at Microsoft posted a blog piece that has the bittersweet taste of revenge. They found a remote Chrome vulnerability last month, and they decided to reciprocate Google’s last year blunder. However, they also sent a fix with that bug notification.
As a result, the blog describes all the issues there are with the Chrome browser. On top of that, Microsoft seized the opportunity to boast with its own competitive Edge.
The author of the post is Jordan Rabet. He went on a direct charge against Google’s issues. He disclosed how their rival’s browser uses ‘sandboxing’ and isolation techniques as protective shields against malicious code. Despite all these efforts, it came easy to Microsoft to find and track a security hole. Hackers can take advantage of this oversight and attack Chrome users.
The underlined vulnerability concerns a Javascript engine in Chrome. Nonetheless, Microsoft contacted Google to pinpoint the problem. Last month, the company launched a patch to fix it.
“We responsibly disclosed the vulnerability that we discovered along with a reliable remote code execution exploit to Google on September 14, 2017.”
At the same time, Microsoft accepted a $7,500 bounty for finding the bug. There were other flaw reports Google received from rival which amounted the total reward to $15,837. The budget was rounded to $30,000 and headed to an educational center that Microsoft selected in Seattle.
Microsoft Is Not Happy with the Way Google Discloses a Security Hole
The blog post used Microsoft’s example of a fair play spirit to highlight how bad Google has been. Thus, it came to criticize Google for launching a bug fix for Microsoft on an open source platform, Github, ahead of the official patch. This action gave hackers a month at their disposal to find the code and take advantage of the unfixed problem.
Google has repeated this kind of disclosure a number of times that would leave both users and its rival vulnerable. This repetitive audacity angered Microsoft and made it publish reproving blog posts.
Image source: 1