Microsoft and security researcher’s dueling posts about cybersecurity disclosures get nasty

A cybersecurity researcher named Nightmare Eclipse and Microsoft had a public conflict over responsible disclosure practices, with the researcher publishing vulnerability details after claiming Microsoft ignored his reports, while Microsoft argued that uncoordinated disclosures (releasing bug information before patches are available) create unnecessary risk for users. Tom Gallagher, a Microsoft security executive, acknowledged the debate over whether current patching practices fit today's landscape but stated the company is not currently changing its policies, though it will continue to evaluate them.