Hacker News new | past | comments | ask | show | jobs | submit login

> just risks another EternalBlue type situation where the exploit gets used in real attacks and causes real damage, for what?

You mean where the US government decided to not notify Microsoft for 5 years?

Or you mean where Microsoft decided to publicly announce the vulnerability despite not having provided patches for millions of unsupported systems?

These organization the "take security seriously sure make Project Zero look very responsible by comparison.

> for what?

To let people whose security has been compromised for over a decade do what they can to mitigate

They can't do anything to mitigate. What are they meant to do, rewrite parts of Windows by themselves?

The only fixes here come from MS. Until then, the more people that know, the worse it is.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact