In March, Microsoft announced that it had released a security update for Windows XP, Windows Vista and Windows 7. The update contained a fix for a flaw that was discovered in Windows' remote desktop protocol that, if used by hackers, could have allowed them to break into a Windows PC to run malicious code.
However, a Chinese hacker group quickly released a proof-of-concept code that could have allowed others to create the exploit for the remote desktop protocol flaw. The code was released much sooner than expected and that led to suspicions that Microsoft's security fix had been leaked out before the company officially released it.
Today, Microsoft announced that as part of its internal investigation into the security patch leak, one of the companies involved in its Microsoft Active Protections Program (MAPP), the Chinese based Hangzhou DPTech Technologies " ... had breached our non-disclosure agreement (NDA). Microsoft takes breaches of our NDAs very seriously and has removed this partner from the MAPP Program."
MAPP is supposed to be a program designed to give companies such as anti-virus makers and corporate security groups a heads-up on any exploits Microsoft has discovered 24 hours before a Windows security update is released. Microsoft apparently believes someone inside Hangzhou DPTech Technologies made information about the March exploit fix available to the hacker group.
Microsoft also announced that starting with its patch release this month, "... we strengthened existing controls and took actions to better protect our information. We believe that these enhancements will better protect our information, while furthering customer protection by aiding partners developing active protections." Microsoft also posted up another blog post today which goes into more detail about the MAPP program and how it is supposed to work.
4 Comments - Add comment