Windows 8.1 - vulnerability remains unpatched for months!

A security researcher at Google has published details of an as-yet unpatched vulnerability in Windows 8.1, three months after reporting the problem to Microsoft.

Google's Security Research arm practices responsible disclosure, meaning that newly-discovered vulnerabilities are communicated in private to the maintainers of the affected software. The maintainers are then given a chance to investigate the issue and publish a patch to resolve the problem before the flaw is communicated to the general public - helping to prevent 'zero-day' scenarios where a widespread vulnerability becomes public knowledge before protections against its exploitation can be put in place.