Microsoft probes partners for source of RDP vulnerability leak
Microsoft has begun probing its own security partner network to find out who, if anyone, leaked exploit code used in the Remote Desktop Protocol (RDP) vulnerability patched this week.
Details of the vulnerability including a key piece of information, a custom crafted network packet, had turned up on a Chinese hacker forum last week. Microsoft routinely shares vulnerability information with a trusted set of security companies under the Microsoft Active Protections Program (MAPP). In a posting made on the Microsoft Security Response Center blog, Microsoft Trustworthy Computing director Yunsun Wee said: "Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements,"