Please run windows update now

Keith Medcalf kmedcalf at dessus.com
Tue May 16 22:41:36 UTC 2017


> What would be more of an interesting discussion, to me, would be why
> doesn't Microsoft know about these hoarding of vulnerabilities by State
> actors and plug them up?

Some state actors they do know.  They custom write the security flaws on the state actors request.

> Are they really that clever of vulnerabilities? Does Microsoft not have
> the resources? Is Windows like the ocean, where there are just hundreds of new
> species awaiting to be discovered?
> Did Microsoft at least know of the NSA vulnerabilities, for example, and
> kept it classified until NSA told them to plug them up?

Of course Microsoft knew, since they wrote in the backdoor in the first place.  That is why when informed by their employers that the backdoor was going to be made public, they could undo the changes they had introduced so rapidly.






More information about the NANOG mailing list