Share

Top 5 Stories

News

Microsoft partnership gives the boot to Chinese security firm

04 May 2012

Microsoft has decided to expel Chinese security firm Hangzhou DPTech Technologies from its Microsoft Active Protections Program (MAPP) partnership for violation of its nondisclosure agreement (NDA).

“During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our nondisclosure agreement (NDA)”, wrote Yunsun Wee, director of Microsoft Trustworthy Computing. Microsoft declined to be more specific about the disclosure.

Reports indicate that Hangzhou DPTech Technologies was identified as the source of the leak of a critical vulnerability in Windows’ remote desktop protocol (RDP).

Microsoft issued a patch for the RDP vulnerability in March and urged users to make fixing the flaw a “special priority” because of the “attractiveness of this vulnerability to attackers.”

Researcher Luigi Auriemma, who found the RDP flaw and reported it to Microsoft through the Zero Day Initiative (ZDI), said that he suspected the leak had come from the MAPP program, according to Dennis Fisher, editor of Kaspersky Lab’s Threatpost.

The proof-of-concept exploit code that appeared on a Chinese site included a packet that Auriemma wrote himself and sent to ZDI, Fisher noted.

"The packet I gave to ZDI was unique because I modified it by hand. There are no doubts on this thing. Microsoft is the source of the leak, probably during the distribution to MAPP partners, but I still have some doubts", Auriemma said in an email interview at the time of the leak.
 

This article is featured in:
Application Security  •  Internet and Network Security  •  IT Forensics

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×