Chinese hackers apparently have gained access to Microsoft problem details even before a company patch was released and security researchers are worried the leak came directly from Microsoft’s secured website.
It relates to the Microsoft Security Response Center, which states the Microsoft Active Protections Program is: “a program for security software providers. The program gives members a head start to reproduce the vulnerabilities and program (anti-hacking) tools in advance of Microsoft’s official security updates.”
And it states, “The amount of time between the release of a Microsoft security update and the release of exploit code (vulnerability) for that update continues to shorten. MAPP gives security software providers early access to vulnerability information.”
It has been revealed that on March 13, Microsoft issued critical security update MS12-020 for its Windows operating systems.
The update fixed two security holes in what is known as the Remote Desktop Protocol, which allows a user to access another computer over a local network or the Internet. The security hole would allow a hacker to take over a computer and run programs from it.
WND EXCLUSIVE: By Steve Elwart