Redmond-based tech giant Microsoft has again come under fire in the PRISM scandal, this time because the company has reportedly tipped off US agencies on some unpatched Windows security flaws.
Basically, the Softies have contacted the US government to provide early warnings on some unpatched security glitches before the company rolled out the official fixes and made the vulnerabilities public.
Bloomberg claims that all these details were supposed to help US security engineers in their cyber espionage activities aimed at terrorists or “military foes.” At the same time, Microsoft’s warnings could help the US keep their own computers fully secure and thus block any incoming attacks from overseas agencies.
Citing two unnamed US officials, the aforementioned source writes that intelligence agencies have used these early warnings to hack computers used by foreign governments, but no other specifics have been provided.
Microsoft spokesman Frank Shaw confirmed that US agencies might have received early alerts on software bugs found in the tech giant’s software, but he explained that this collaboration was only supposed to give the government more time to secure their computers.
The software company isn’t the only big name that tipped off US security engineers before making specific vulnerabilities public, as some large anti-virus vendors are also believed to be involved in a similar scheme.
A few days ago, Microsoft denied its involvement in the PRISM saga, explaining that it didn’t spy on its users, but admitting that it complied with government requests to provide more details on specific account holders.
“We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it,” the company said in a public statement.