Google engineers often find and report security vulnerabilities in Microsoft products, but they outdid themselves this month. Mateusz "j00ru" Jurczyk, a self-described "Windows hacker" and security engineer at Google, is credited for reporting 32 issues with Windows which Microsoft deemed "important," or one step below "critical." A second Google security engineer, Gynvael Coldwind, collaborated on reporting five of those bugs.
Google engineers are regularly credited in security updates, but this month's count is unusually high. (Google engineers reported a bug a month in October, November, and December, and none in January.) The total number of bugs Microsoft fixed this month is close to the all-time record of 64.
Microsoft welcomes bug reports from outsiders, which is why it has appended an "acknowledgements" section to every security update since 2000. "When you see a security professional acknowledged in a Microsoft Security Bulletin, it means that they reported the vulnerability to us confidentially, worked with us to develop the patch, and helped us disseminate information about it once the threat was eliminated," the company says.
Full article: http://www.theverge....-massive-update