Google risks Microsoft's wrath with new Windows 8.1 bug disclosure
Google goes public once more with details about Windows security flaw. How will Microsoft respond?
Google could feel the full force of Microsoft's wrath again by going public with details of a Windows 8.1 security flaw before the software giant has had a chance to fix it.
The search firm's security research team claim to have uncovered the issue, which allows hackers to impersonate users and decrypt sensitive data on Windows 7 and 8.1 machines, in October 2014.
"This might be an issue if there's a service which is vulnerable to a named pipe planting attack or is storing encrypted data in a world readable shared memory section," the Google research team wrote in a blog post.
The researchers then go on to acknowledge the security hole may have been created purposefully by Microsoft, before sharing details of how it can be replicated.
"This behaviour, of course, might be design. However, not having been party to the design, it's hard to tell," the post stated.
The group claim to have notified Microsoft about the issue, with further posts on the site suggesting the vendor had planned to release a fix for it during the January round of Patch Tuesday updates.
However, it's claimed the patch was pulled because of undisclosed compatibility issues, and is now set for release in February.
Under the terms of Google's disclosure policies, Microsoft was given 90 days to patch the problem, but in this instance has failed to do so. As a result, Google has now gone public with the details.
That decision is unlikely to have gone down well at Redmond, after Microsoft recently hit out at Google for disclosing details of another security hole before it had a chance to patch it.
IT Pro contacted Microsoft for comment on Google's decision to publicly release details of this latest security flaw, but was still awaiting a response at the time of publication.
Navigating the new normal: A fast guide to remote working
A smooth transition will support operations for years to comeDownload now
Putting a spotlight on cyber security
An examination of the current cyber security landscapeDownload now
The economics of infrastructure scalability
Find the most cost-effective and least risky way to scaleDownload now
IT operations overload hinders digital transformation
Clearing the path towards a modernised system of agreementDownload now