Microsoft Bug Would Let Attacker “Take Down An Entire Windows Fleet”


A Google vulnerability researcher says he has identified a bug in SymCrypt, the core cryptography library for Windows, that when exploited in a denial of service (DoS) attack could “take down an entire Windows fleet relatively easily”.

After disclosing the bug to Microsoft on Wednesday, March 13, Tavis Ormandy said he was told that the company would need until today (June 11) to patch the issue, but was later told the patch will not ship until July owing to issues found in testing. 

The bug was subject to a 90 day disclosure deadline. “Today is day 91, so the issue is now

To see the full content, share this page by clicking one of the buttons below
Click on a tab to select how you'd like to leave your comment

Leave A Reply

Your email address will not be published.