Microsoft slammed for legal threats against Nightmare Eclipse
- Source
- TechCrunch
- Time
- 8:54 PM
- Weight
- 94/100
Microsoft is facing significant criticism from the cybersecurity community after threatening legal action against a security researcher known as "Nightmare Eclipse." The dispute began after the researcher publicly disclosed several unpatched vulnerabilities and exploit code affecting Microsoft products, including Windows Defender and BitLocker. Microsoft issued a blog post accusing the researcher of failing to follow coordinated disclosure practices and suggested that its Digital Crimes Unit would pursue those who enable criminal activity, a move that many interpret as a threat of criminal referral.
The researcher has claimed that the public disclosure was a last resort following mistreatment by Microsoft, alleging that the company revoked their access to the official reporting portal. Cybersecurity experts and industry veterans have warned that Microsoft’s aggressive stance may create a chilling effect, discouraging independent researchers from reporting flaws in the future.