In the latest security scandal to hit tech giants, Microsoft has been lambasted for reportedly “grossly irresponsible” security flaws in its products. According to reports, the tech giant failed to apply software updates that would have prevented a security vulnerability from being exploited.
The security flaw related to Microsoft’s Active Directory Federation Services (ADFS) software. According to reports, the company had failed to apply the latest security updates since April 2019, leaving its users open to potential hacking.
The main criticism is that Microsoft had failed to adequately notify customers of the potential security risk. Cyber security experts have argued that customers had a right to know about the potential risk their systems were exposed to. This sentiment has been echoed by many other organizations and technology experts, who believe that the company should have been proactive in supplying its customers with the necessary patches.
The security flaw was highlighted by a group of researchers at the security firm Cask. According to them, the issue was an egregious misconfiguration of Microsoft’s ADFS software, which could potentially allow malicious actors to gain access to customer data.
The criticism has been widespread and fierce. Many technology experts argue that Microsoft had dropped the ball in properly protecting its customers. Others argue that the company should have notified its customers and supplied the necessary updates well before the vulnerability was exploited.
The criticism also falls on Microsoft for not doing enough to ensure its developers are held to a higher standard when it comes to the security of its products. Experts argue that the company should have put in place better protocols and internal systems to detect vulnerabilities in its products.
Microsoft has since released a patch for the vulnerability, but many are still asking why the company waited so long to do so. In light of this, Microsoft has come under a great deal of criticism for what many have labelled as “grossly irresponsible” security practices.
The company is sure to face further criticism in the days and weeks to come, as details of the breach and Microsoft’s response continue to emerge. Many will be asking whether Microsoft is doing enough to protect its customers and ensure its products remain secure.