Microsoft took more than 90 days to issue a partial fix for a critical Azure vulnerability, researchers found
Tenable CEO Amit Yoran has accused Microsoft of «negligent practices” for its response to security vulnerabilities in a scathing critique of the tech giant.
Yoran criticized Microsoft’s alleged “lack of transparency” regarding data breaches and security vulnerabilities, suggesting that the company has deliberately kept customers in the dark.
This criticism focuses specifically on the tech giant’s response to a recent Chinese-backed cyber espionage campaign which targeted senior US government officials.
The incident enabled threat actors to access officials’ emails, and at the time Microsoft said the attack was part of a targeted campaign against the US.
Last week, US senator Ron Wyden penned a letter calling Microsoft “negiligent” in its response to the attacks and called on the Justice Department to investigate whether the company’s approach broke the law.
Yoran echoed Wyden’s comments in his broadside against the firm, claiming that the company’s track record on security is “even worse than we thought”.
“Microsoft’s lack of transparency applies to breaches, irresponsible security practices, and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about,” he said.
“What you hear from Microsoft is ‘just trust us’, but what you get back is very little transparency and a culture of toxic obfuscation.
