Microsoft partnership gives the boot to Chinese security firm

04 May 2012

Microsoft has decided to expel Chinese security firm Hangzhou DPTech Technologies from its Microsoft Active Protections Program (MAPP) partnership for violation of its nondisclosure agreement (NDA).

“During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our nondisclosure agreement (NDA)”, wrote Yunsun Wee, director of Microsoft Trustworthy Computing. Microsoft declined to be more specific about the disclosure.

Reports indicate that Hangzhou DPTech Technologies was identified as the source of the leak of a critical vulnerability in Windows’ remote desktop protocol (RDP).

Microsoft issued a patch for the RDP vulnerability in March and urged users to make fixing the flaw a “special priority” because of the “attractiveness of this vulnerability to attackers.”

Researcher Luigi Auriemma, who found the RDP flaw and reported it to Microsoft through the Zero Day Initiative (ZDI), said that he suspected the leak had come from the MAPP program, according to Dennis Fisher, editor of Kaspersky Lab’s Threatpost.

The proof-of-concept exploit code that appeared on a Chinese site included a packet that Auriemma wrote himself and sent to ZDI, Fisher noted.

"The packet I gave to ZDI was unique because I modified it by hand. There are no doubts on this thing. Microsoft is the source of the leak, probably during the distribution to MAPP partners, but I still have some doubts", Auriemma said in an email interview at the time of the leak.
 
