NEWS - May 04, 2012
by Carol~ - 5/4/12 7:56 AM
Microsoft Names Chinese Firm Hangzhou DPTech as Source of RDP Code Leak
Two months after exploit code the Microsoft RDP MS12-020 vulnerability made its way into the open before the company released a patch, Microsoft has put the blame for the leak on a Chinese security company, Hangzhou DPTech Technologies. Microsoft said Thursday that it has removed the company from its MAPP information-sharing program.
Microsoft officials said that after word of the leak got out in March they began an investigation to find the source. The security researcher who originally found the RDP bug and reported to Microsoft through the Zero Day Initiative, Luigi Auriemma, said at the time that he suspected that the leak had come from somewhere in the MAPP program, either through one of the partner companies or inside Microsoft itself. The proof-of-concept exploit code that appeared on a Chinese site included a packet that Auriemma wrote himself and forwarded to ZDI.
"The packet I gave to ZDI was unique because I modified it by hand. There are no doubts on this thing," he said in an email interview at the time of the leak. "Microsoft is the source of the leak, probably during the distribution to MAPP partners, but I still have some doubts."
Continued : http://threatpost.com/en_us/blogs/microsoft-names-chinese-firm-hangzhou-dptech-source-rdp-code-leak-050312
Microsoft kicks Chinese company out of vulnerability sharing program
Microsoft boots Chinese firm for leaking Windows exploit
Microsoft names source of RDP code leak