Google Engineers Found More Than Half of Microsoft's Bugs

Two engineers found 32 of the 57 bugs.

Google engineers are responsible for discovering more than half of the bugs addressed in Microsoft's latest update.

Engineers Mateus "j00ru" Jurczyk and Gynvael Coldwind have claimed to have found 32 of the 57 bugs. According to "The Verge," Microsoft often gives credit to engineers from the search engine giant for finding flaws, but this month's update saw a considerably higher number of bugs being found.

In response to the revelation, a Google representative referred to a list of security flaws discovered by Google engineers in non-Google products, as well as stating, "Keeping Internet users safe is about more than just making sure our own products are secure. We frequently report flaws we discover while testing our products and services on various platforms. Reporting bugs to software vendors in a responsible manner is part of a healthy security community."

Microsoft had recently said that it would launch 12 security fixes to remove a large number of bugs on Windows 8 and Windows RT. The number of bugs came close to the software titan's all-time record of 64 bugs in one month.

Both technology firms have had some history regarding showcasing each others' flaws. During 2010, a Google engineer uncovered a serious Windows vulnerability, but gave Microsoft five days before publishing the full attack code. The latter retaliated by depicting flaws it found in Google's software.

Although Google denied the claim, Microsoft said during July 2012 that it found a botnet spreading spam and malware via Google's Android operating system. Either way, Android is known to be a growing target for hackers to spread malware.

_{Contact Us for News Tips, Corrections and Feedback}

You need to be logged to post a comment

There are 22 Comments.

Top Comments

22

jupiter optimus maximus , February 19, 2013 6:27 AM

This is actually really good competition for the consumer. Each side finding flaws, and each fixing their own. In the end, both sides will have a very robust system. This is how it should be, real engineers doing their work.
20

stickmansam , February 19, 2013 6:46 AM

socalboomerSo, 12 is close to 64? Hmmm. . . .

57 bugs vs 64 bugs

but the bugs were addressed using only 12 patches/fixes
13

ericburnby , February 19, 2013 5:24 AM

When you're looking for ways to exploit a competitors browser to bypass security and show ads (like they got fined $22 million for with Apples Safari), then you're bound to come across lots of "flaws".

Other Comments

-4

CaedenV , February 19, 2013 5:21 AM

plus the fact that MS pays a nice little sum for bug catches doesn't hurt Google bottom line any
13

ericburnby , February 19, 2013 5:24 AM

When you're looking for ways to exploit a competitors browser to bypass security and show ads (like they got fined $22 million for with Apples Safari), then you're bound to come across lots of "flaws".
22

jupiter optimus maximus , February 19, 2013 6:27 AM

This is actually really good competition for the consumer. Each side finding flaws, and each fixing their own. In the end, both sides will have a very robust system. This is how it should be, real engineers doing their work.
-15

socalboomer , February 19, 2013 6:36 AM

Quote:
Microsoft had recently said that it would launch 12 security fixes to remove a large number of bugs on Windows 8 and Windows RT. The number of bugs came close to the software titan's all-time record of 64 bugs in one month.

So, 12 is close to 64? Hmmm. . . .
20

stickmansam , February 19, 2013 6:46 AM

socalboomerSo, 12 is close to 64? Hmmm. . . .

57 bugs vs 64 bugs

but the bugs were addressed using only 12 patches/fixes
10

jeffunit , February 19, 2013 7:07 AM

plus the fact that MS pays a nice little sum for bug catches doesn't hurt Google bottom line any

Sure they do, as long as you consider Zero to be a 'nice little sum'.
There is no bug bounty from microsoft. Perhaps you are confusing them with google who does have a bug bounty.
12

AndrewMD , February 19, 2013 7:10 AM

Considering that Google is looking at their competition for anything, it is no surprise that they were able to find so many security bugs. However, it is any company's responsibility to help fix these bugs when discovered. No company is perfect at Q/A controls.
5

jimmysmitty , February 19, 2013 7:21 AM

I wonder when these guys will fix the bug in the new Google Earth that decides to keep caching to your HDD (no matter the limit set) and take up all free space.

Had a customer with a 500GB HDD that GE took up 424GB worth.
1

thecolorblue , February 19, 2013 7:35 AM

jupiter optimus maximusThis is actually really good competition for the consumer. Each side finding flaws, and each fixing their own. In the end, both sides will have a very robust system. This is how it should be, real engineers doing their work.

even better would be open source code: programmers all over the world could find flaws and submit fixes.

security flaws would be found and fixed waayyy faster.
4

otacon72 , February 19, 2013 7:41 AM

Maybe Google should concentrate on plugging the holes in Android.
2

ericburnby , February 19, 2013 7:45 AM

^ Uhh, they did. Poor attempt at trolling. JB finally patched the last major security hole in Android.
5

DRosencraft , February 19, 2013 8:36 AM

This is what is known as constructive criticism. Google didn't go out and make a big deal of it, they just reported the findings to MSFT, and apparently MSFT fixed them. This is a good example of what the relationship should be for something like security - sharing relevant information and competing on features and ability on a relatively level playing field,
1

fuzzion , February 19, 2013 8:48 AM

jimmysmittyI wonder when these guys will fix the bug in the new Google Earth that decides to keep caching to your HDD (no matter the limit set) and take up all free space.Had a customer with a 500GB HDD that GE took up 424GB worth.

Mine works fine on win7.
-1

alextheblue , February 19, 2013 10:00 AM

DRosencraftThis is what is known as constructive criticism. Google didn't go out and make a big deal of it, they just reported the findings to MSFT, and apparently MSFT fixed them. This is a good example of what the relationship should be for something like security - sharing relevant information and competing on features and ability on a relatively level playing field,
They don't always play so nice, though.

"You have five days before we take a dump in your cereal" is an example of this.
jimmysmittyI wonder when these guys will fix the bug in the new Google Earth that decides to keep caching to your HDD (no matter the limit set) and take up all free space.Had a customer with a 500GB HDD that GE took up 424GB worth.
That's not a bug, it's a feature! The REAL bug is that he doesn't have a 3TB hard drive. FIX IT JIMMY.
2

ojas , February 19, 2013 1:37 PM

jimmysmittyI wonder when these guys will fix the bug in the new Google Earth that decides to keep caching to your HDD (no matter the limit set) and take up all free space.Had a customer with a 500GB HDD that GE took up 424GB worth.

Never happened, man. 424 MB, sure but not GB.
3

becherovka , February 19, 2013 2:19 PM

Its a symbiotic relationship.

Well not exactly but I just wanted to say symbiotic
1

becherovka , February 19, 2013 2:22 PM

Apple is parasitism to everyone
0

bnot , February 19, 2013 5:18 PM

I'm sure China is just waiting until they have a sufficient # of bugs on MS and Google before notifying them, like a couple thousand....
0

daglesj , February 19, 2013 7:55 PM

And I'm currently trying to fix a laptop that one of those updates has crufted!
1

back_by_demand , February 19, 2013 8:36 PM

daglesjAnd I'm currently trying to fix a laptop that one of those updates has crufted!

Prove it was the update that caused it, otherwise you are just trollin'

Display more comments

Google Engineers Found More Than Half of Microsoft's Bugs

Tom’s guide in the world