Last summer, Google security engineer Tavis Ormandy released exploit code for a bug in Windows' Help and Support Center after he said Microsoft refused to set a patch deadline. In September, Chris Evans , another Google security researcher, published attack code for an IE vulnerability after he said he had not been able to persuade Microsoft to fix the flaw.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org .
Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.