Google Project Zero

Emergency patch released for critical security hole in Microsoft’s malware scanner

You know a security hole is serious if Microsoft issues a patch for it just hours before the company is scheduled to release its regular bundle of Patch Tuesday updates.

Read more in my article on the Hot for Security blog.

Google tells world how to crash Microsoft Internet Explorer and Edge browsers

Google’s Project Zero vulnerability research team has published details of a flaw in the Microsoft Windows 10 Edge and Internet Explorer 11 browsers that allow them to be remotely crashed – without waiting for a fix to be released.

Google goes public about unpatched Windows vulnerability

Google security engineers have once again made details of a vulnerability in Microsoft’s software public, before Microsoft has been able to roll out a patch.

Anti-virus industry’s bête noire Tavis Ormandy to enter the lion’s den

The Virus Bulletin conference is being held in Denver, Colorado, next month. And they have a controversial guest…

Google says it will be (a little) less evil over vulnerability disclosure

Perhaps smarting from the negative reaction from many commentators about disclosing vulnerabilities in other vendor’s code, Google has now said it is adjusting its policy… a little bit.

Google shows hackers how to exploit Windows 8.1

There’s a right way and a wrong way to raise awareness of zero-day security holes that haven’t been patched yet.

Google – I hope you’re remembering your “don’t be evil” motto.

Google’s Project Zero – Targeting zero-day vulnerabilities

Google has announced that it is assembling a crack team of researchers, devoted to finding and reporting security holes in widely used software.