logoalt Hacker News

LelouBiltoday at 1:40 AM3 repliesview on HN

Very important info: https://www.theregister.com/security/2026/05/28/microsoft-0-...

In the linked Microsoft blog post, they say :

> The details of these vulnerabilities were not shared with Microsoft prior to release, and the disclosures put our customers at unnecessary risk.

So are they lying ? Why would Nightmare-Eclipse not report them if they are not ?

It's a very weird situation

Replies

thewebguydtoday at 2:25 AM

> the disclosures put our customers at unnecessary risk.

That statement irks me. Responsible disclosure or not, It's Microsoft themselves that put their customers at risk, not the researcher.

show 2 replies
subscribedtoday at 11:24 AM

Yeah, but the customer in this statement being entities that requested this backdoor. Not the people/companies who paid for the licences.

firefaxtoday at 11:28 AM

>Why would Nightmare-Eclipse not report them if they are not ?

Maybe they're a foreign intelligence cutout masquerading as a burned researcher.