Once again, the security world has seen fit to make us safer by finding a few vulnerabilities – so, how do you feel?
An excerpt:
"Microsoft is disappointed that Xfocus took actions that could put computer users at risk by not following the commonly accepted industry practice of privately reporting security vulnerabilities to software vendors," the spokeswoman said.
She called on private researchers to follow the procedure for responsible disclosure, which she said allows vendors to review the reports for accuracy and to determine the best response for customers.
This is why "responsible disclosure" is a bad idea – there is no reason for anyone to follow the procedures.