• Tech
  • Security

Why Google Just Published a Windows Bug Before Microsoft Fixed It

2 minute read
Windows 8.1
Employees assist customers at the opening of a Microsoft Corp. store in Bellevue, Washington, U.S., on Friday, Oct. 26, 2012.Bloomberg—Bloomberg via Getty Images
By Sam Frizell

Google beat Microsoft to the punch this week when it published a Windows security vulnerability before Microsoft fixed it. The bug allows lower-level users on Windows 8.1 systems to make themselves system administrators, giving them access to server settings without prior approval.

Google publicized the bug as part of Project Zero, which tracks software flaws and reports them to vendors. Those vendors then get 90 days to fix problems before Project Zero publishes the bug along with code that can be used to exploit it.

Google first notified Microsoft of the bug on Sept. 30, 2014, Engadget reports. Microsoft says it’s still working on a security update, but it also sought to downplay concerns that hackers could use the bug to do serious damage in the meanwhile.

“It is important to note that for a would-be attacker to potentially exploit a system, they would first need to have valid logon credentials and be able to log on locally to a targeted machine,” Microsoft said in a statement.

All this might sound like Google is picking on a rival company’s software. However, Google says the intent of Project Zero is to encourage software vendors to secure their products quickly — before hackers find the flaws first.

“By removing the ability of a vendor to withhold the details of security issues indefinitely, we give users the opportunity to react to vulnerabilities in a timely manner, and to exercise their power as a customer to request an expedited vendor response,” Google said.

See Google Doodles Through the Years

google doodle la tomatina
Aug. 26, 2015 For the 70th anniversary of La Tomatina.Google
Google doodle sally ride
May 26, 2015 In celebration of the 64th birthday of Sally Ride, the first American woman in space.Google
Google-Doodle-Eiffel-Tower-France
March 31, 2015 Honoring the 126th anniversary of the public opening of the Eiffel Tower.Google
Mar. 20, 2015 To celebrate the start of spring and the vernal equinox, Google created a stop-motion animation of flowers in bloom.
Mar. 20, 2015 To celebrate the start of spring and the vernal equinox, Google created a stop-motion animation of flowers in bloom.Google
Nov. 12, 2014 For the landing of the Philae lander, the first spacecraft on a moving comet, Google created a gyrating lander with passing stars.
Nov. 12, 2014 For the landing of the Philae lander, the first spacecraft on a moving comet, Google created a gyrating lander with passing stars.Google
Sept. 9, 2014 For Tolstoy's 186th birthday the Google Doodle team created an appropriately long doodle, with a click-through doodle. http://time.com/3308635/google-doodle-tolstoy/
Sept. 9, 2014 For Tolstoy's 186th birthday, the Google Doodle team created an appropriately long click-through doodle.Google
May 27, 2014 For the Rachel Louise Carson doodle, the team surrounded her with birds and sea creatures to celebrate her 107th birthday.Google
May 4 2014 For the Audrey Hepburn doodle http://time.com/87152/google-doodle-audrey-hepburn/ the doodle team adapted an image from a 1956 black and white photograph taken by Yousuf Karsh.
May 4 2014 For Audrey Hepburn's 85th birthday, the doodle team adapted an image from a 1956 black and white photograph taken by Yousuf Karsh.Google
June 9, 2011 The doodlers came up with the idea of a playable logo, then pegged it to guitar innovator Les Paul's 96th birthday. Turning on composer mode allows you to create songs that you can share online.
June 9, 2011 The doodlers came up with the idea of a playable logo, then pegged it to guitar innovator Les Paul's 96th birthday. Turning on composer mode allows you to create songs that you can share online.Google
March 24, 2011 The Harry Houdini doodle was created in the style of the old posters advertising the death-defying magician.
March 24, 2011 The Harry Houdini doodle was created in the style of the old posters advertising the death-defying magician.Google
Nov. 25, 2010 Chef Ina Garten prepared this Thanksgiving feast, which Google photographed. If you clicked on a dish, her recipe appeared.
Nov. 25, 2010 Chef Ina Garten prepared this Thanksgiving feast, which Google photographed. If you clicked on a dish, her recipe appeared.Google
May 7, 2010 Google asked the San Francisco Ballet to pose and twirl to re-create Pyotr Tchaikovsky's Swan Lake.
May 7, 2010 Google asked the San Francisco Ballet to pose and twirl to re-create Pyotr Tchaikovsky's Swan Lake.Google
Oct. 7, 2009 Scan the doodle that marks the first patent for the bar code and you'll decode Google embedded within.
Oct. 7, 2009 Scan the doodle that marks the first patent for the bar code and you'll decode Google embedded within.Google
March 2, 2009 The doodlers arranged classic Dr. Seuss characters, like the Cat in the Hat and the Grinch, to form the logo's letters.
March 2, 2009 The doodlers arranged classic Dr. Seuss characters, like the Cat in the Hat and the Grinch, to form the logo's letters.Google
Jan. 28, 2009 There was no other way to honor abstract artist Jackson Pollack than with a chaotic drip painting.
Jan. 28, 2009 There was no other way to honor abstract artist Jackson Pollack than with a chaotic drip painting.Google
Jan. 19, 2009 Guest artist Shepard Fairey (famed for his Obama HOPE poster) did a sketch for Martin Luther King Jr. Day.
Jan. 19, 2009 Guest artist Shepard Fairey (famed for his Obama HOPE poster) did a sketch for Martin Luther King Jr. Day.Google
Jan. 28, 2008 Early on, Google used Lego blocks as casing for hard disks. Later it feted Lego's 50th anniversary.
Jan. 28, 2008 Early on, Google used Lego blocks as casing for hard disks. Later it feted Lego's 50th anniversary.Google
April 22, 2007 A melting iceberg for Earth Day is one of many eco-minded doodles the team has created.
April 22, 2007 A melting iceberg for Earth Day is one of many eco-minded doodles the team has created.Google
Jan. 4, 2006 Enter the world of out-there doodles — Google in braille. Only problem: you can't feel it.
Jan. 4, 2006 Enter the world of out-there doodles — Google in braille. Only problem: you can't feel it.Google
March 30, 2005 The Van Gogh doodle appeared in an era when doodles began to get more ambitious, and it's one of the doodlers' best interpretations of a specific painter.
March 30, 2005 The Van Gogh doodle appeared in an era when doodles began to get more ambitious, and it's one of the doodlers' best interpretations of a specific painter.Google
Aug. 13, 2003 Early doodles of famous folk tended to be simple, like this silhouette of Alfred Hitchcock.
Aug. 13, 2003 Early doodles of famous folk tended to be simple, like this silhouette of Alfred Hitchcock.Google
March 14, 2003 The early doodles were often simple but playful, like this mustachioed drawing of Albert Einstein to celebrate his birthday.
March 14, 2003 The early doodles were often simple but playful, like this mustachioed drawing of Albert Einstein to celebrate his birthday.Google
Nov. 14, 2001 Google's first doodler, Dennis Hwang, gave the logo an Impressionist look for Claude Monet's birthday.
Nov. 14, 2001 Google's first doodler, Dennis Hwang, gave the logo an Impressionist look for Claude Monet's birthday.Google
Aug. 30, 1998 When employees left for the Burning Man festival, the Google logo became a cryptic BE BACK LATER sign. "There was no master plan for doodles at that point," says doodler-in-chief Ryan Germick.
Aug. 30, 1998 When employees left for the Burning Man festival, the Google logo became a cryptic BE BACK LATER sign. "There was no master plan for doodles at that point," says doodler-in-chief Ryan Germick.Google

[Engadget]

More Must-Reads From TIME

Contact us at letters@time.com