nk497 notes the news that a group of researchers calling themselves the Microsoft-Spurned Researcher Collective (the name is a play on Microsoft's Security Response Center) have come together to protest Microsoft's perceived heavy-handedness towards researchers who disclose security flaws. Pushed into action by the reception to the flaw disclosed by Tavis Ormandy, the group has released full details and exploit code for a previously unknown Windows local privilege escalation vulnerability. The advisory for the vulnerability, which affects Windows Vista and Windows Server 2008, contains the following manifesto: "Due to hostility toward security researchers, the most recent example being of Tavis Ormandy, a number of us from the industry (and some not from the industry) have come together to form MSRC: the Microsoft-Spurned Researcher Collective. MSRC will fully disclose vulnerability information discovered in our free time, free from retaliation against us or any inferred employer."
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×