Skip to main content
  1. Home
  2. Computing
  3. Legacy Archives

Security Experts Rally…Against Microsoft

Add as a preferred source on Google
Image used with permission by copyright holder

In the world of computer security, the industry standard best practice is a process called “responsible disclosure:” when a security issue is discovered with a software product, the discoverer reports to the problem to the software vendor and gives them time to develop a patch or workaround. Once a fix is available, then the bug’s discoverer (or the affected software company) can make information about the bug public. The idea is to reduce (or eliminate) the amount of time knowledge about the problem is floating around the Internet with no fix available.

Now, an anonymous group of security researchers has become frustrated with the “hostility” displayed by software giant Microsoft to outside security researchers, and has decided to throw responsible disclosure to the wind. Naming themselves the Microsoft-Spurned Researchers Collective—MSRC, a play on Microsoft’s own Microsoft Security Response Center—they have pledged to full disclose any vulnerabilities they uncover, without first reporting the problems to Microsoft so the company can evaluate them and develop a fix. To make good on their charter, the group disclosed a vulnerability in Windows Vista and Server 2008 that could be used to crash systems and, potentially, execute malicious code.

Recommended Videos

The anonymous group cites Microsoft’s recent treatment of Tavis Ormandy as the inventive for their action; Ormandy found the 17-year-old security problem in WIndows’ Virtual DOS Machine and more recently reported a significant security issue with Windows XP’s Help Center. Microsoft identified Ormandy as a Google employee; Ormandy maintains his reports to Microsoft were independent of Google and the company’s name should not have been used.

If the Microsoft-Spurned Researcher Collective gains momentum—and is able to deliver up significant security vulnerabilities to the general public—the group could be a boon to attackers and malware developers always looking for new ways to break into Windows systems. However, the group’s existence highlights the often contentious relations between software vendors and security researchers: while the vast majority of security issues are reported and patched without public drama, software makers do need to be mindful of how they interact with broader computer security communities.

Geoff Duncan
Former Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Canva Code 2.0 just made vibe coding way less intimidating for everyone
Canva Code 2.0 feature

Coding used to be reserved for developers who spent years learning complex languages. That has slowly changed with vibe coding, which lets you build apps and websites using simple, plain-language prompts. 

The problem is that most of these tools still feel intimidating for regular folks, as they still need to understand the code to make any meaningful changes. If not, everything you make tends to look the same.

Read more
Windows users can finally pick when updates stop with Microsoft’s latest patch
From pausing updates on your own schedule to rolling back a broken PC in one click, here's everything new in Windows 11's July 2026 update.
Windows 11 Laptop

Patch Tuesday updates are usually a shrug-and-install affair, but Microsoft's July 2026 release actually gives you something to be excited about.

You can grab this update, tagged KB5101650, right now through Settings, or manually via the Microsoft Update Catalog if you'd rather not wait for it to roll out.

Read more
Can AI audiobooks narrate better than humans? This study says many listeners think so
New study finds listeners favor AI narrated audiobooks over traditional human narration in blind testing.
Audiobooks on Spotify on an iPhone.

You might assume most listeners would pick a real human voice over a synthetic one, but a new study says otherwise. Edison Research at SSRS surveyed 1,005 fiction audiobook fans in May 2026 for a study commissioned by AI audio company Spoken. The twist is that listeners rated the AI narration higher, and they did not even know it was AI until after they heard it (via Variety).

Why listeners favored the AI narration

Read more