Microsoft and researcher clash over disclosure rules
🛡️ Microsoft and a prominent researcher publicly traded barbs after the researcher, going by Nightmare Eclipse, published vulnerabilities he said were ignored; Microsoft countered that those disclosures were irresponsible and increased risk. The exchange included personal accusations, account deletions, and threats, prompting discussion within the security community about disclosure practices. Senior Microsoft staff signaled a review of processes while defenders on both sides highlighted valid concerns about communication, prioritization, and trust.
