Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
stogot 3 days ago

I would give the one engineer the credit for doing things better, not Microsoft. Microsoft overall culture of security is terrible. Look at the CISA report.

0xbadcafebee 3 days ago | parent | next [-]

Okay, so I give the team that put this together credit. Hopefully the parent company sees based on this that it's worth letting teams invest more in quality and security work, over features.

dudeinjapan 3 days ago | parent [-]

We should give all the credit to the Product Manager because he told the engineers to make it secure.

chrz 3 days ago | parent [-]

Lets send a thank you letter to Bill Gates

3 days ago | parent | next [-]
[deleted]
dudeinjapan 3 days ago | parent | prev [-]

I presume you mean Bill Gates Sr. because he fathered Bill Gates.

bigfatkitten 3 days ago | parent | prev | next [-]

Microsoft has islands of security excellence in what these days is a sea of mediocrity.

3 days ago | parent | prev | next [-]
[deleted]
kenjackson 3 days ago | parent | prev [-]

What CISA report?

aspenmayer 3 days ago | parent | next [-]

I’m guessing they mean this one:

https://www.cisa.gov/news-events/bulletins/sb25-167

> Microsoft--Microsoft 365 Copilot

> Description Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

> Published 2025-06-11

> CVSS Score 9.3

> Source Info CVE-2025-32711

https://www.cve.org/CVERecord?id=CVE-2025-32711

And maybe they are referring to this engineer from the linked advisory notes?

https://msrc.microsoft.com/update-guide/vulnerability/CVE-20...

> Acknowledgements

> Arantes (@es7evam on X) with Microsoft Aim Labs (Part of Aim Security)

stogot 3 days ago | parent | prev | next [-]

This one: https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewO...

NemosDemos 3 days ago | parent | prev | next [-]

Not OP, but guessing they were referencing this one:

https://www.cisa.gov/resources-tools/resources/CSRB-Review-S...

homarp 3 days ago | parent | prev [-]

https://news.ycombinator.com/item?id=39922066