This past week Google’s Project Zero disclosed an unfixed security issue in Microsoft’s Edge browser. This is not the first time Microsoft failed to patch an issue within Project Zero’s disclosure timeline. This produces strong feelings in the information security community, generally in one of three categories: praising Google’s vulnerability research criticizing Microsoft’s response criticizing Google for publicly disclosing the vulnerability before it was patched The debate over ...
