Microsoft kicks Chinese company out of vulnerability sharing program

2012-05-03

Ryan Naraine

http://www.zdnet.com/blog/security/microsoft-kicks-chinese-company-out-of-vulnerability-sharing-program/11853

Microsoft has kicked a Chinese security company out of its MAPP vulnerability information sharing program following a recent leak of proof-of-concept code for a serious security hole in all versions of Windows.

Microsoft identified the company as Hangzhou DPTech Technologies Co., Ltd, a Chinese outfit that describes itself as a "high-tech company integrating research and development, manufacturing and sales in the network security industry." After an investigation into the embarrassing proof-of-concept leak, Microsoft said Hangzhou DPTech Technologies breached the strict non-disclosure agreement that is meant to ensure that sensitive information doesn’t fall into the wrong hands.

"Microsoft takes breaches of our NDAs very seriously and has removed this partner from the MAPP Program," according to Yunsun Wee, director, Microsoft Trustworthy Computing.

[...]
main page ATTRITION feedback