industry via Ars Technica AI

Microsoft Patches Two Zero-Day Flaws Disclosed by Rival Researcher Amid Heated Feud

Microsoft has fixed two zero-day vulnerabilities that were publicly disclosed by a security researcher known as Nightmare Eclipse. The patches come amid a heated rivalry between the researcher and Microsoft over disclosure practices.

Microsoft has released security patches for two zero-day vulnerabilities that were publicly disclosed by a security researcher known as Nightmare Eclipse. The flaws, which could have allowed attackers to exploit sensitive systems, were part of an escalating public dispute between Microsoft and the researcher over the timing and handling of security disclosures.

According to the source, Microsoft confirmed that one of the vulnerabilities, a critical remote code execution flaw in Windows, had already been exploited in the wild before the researcher disclosed it. The other flaw involved a privilege escalation in a core Windows component. The researcher, who has been publicly critical of Microsoft's security practices, published proof-of-concept code alongside the disclosures, pressuring the company to act quickly.

This situation highlights the ongoing tensions between tech companies and security researchers. While researchers often discover vulnerabilities to help companies improve their security, disputes can arise over how and when these flaws should be made public. For everyday users, this means that keeping software up to date is more important than ever, as these patches help protect against potential cyber threats.

To stay safe, users should immediately update their Microsoft software. Open the Windows Update settings on your PC, check for updates, and install any available patches. This simple step can significantly reduce the risk of falling victim to cyberattacks.
