While Google itself (well, in the person of Tavis) is famous for not responsibly disclosing vulnerabilities it finds, Vupen's work strikes me as downright (let me make clear - this is my opinion) criminal.
They have determined a critical security vulnerability and they don't intend to share it with anyone EXCEPT their paying customers? Not even with the vendor? I consider that negligent, at best. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: [email protected] [mailto:[email protected]] Sent: Tuesday, May 10, 2011 8:39 AM To: NT System Admin Issues Subject: More cracker fun! Google Chrome, "current version" (as of this morning, 10-MAY-2011, version 11.0.696.65), all version of Windows, both 32- and 64-bit, an exploit has been found whereby malicious code can "break out of the sand box": http://news.cnet.com/8301-27080_3-20061269-245.html?tag=mncol;txt -- richard ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
