Microsoft severs ties with suspected patch-leaking partner

Microsoft has severed ties with a firm believed to have been leaking data on security vulnerabilities prior to the release of patches.

Microsoft said that Hangzhou DPTech Technologies had been removed from the Microsoft Active Protections Program (MAPP) for disclosing information on a zero-day flaw to outside researchers.

The decision stems from a March incident in which malware writers in China were able to develop a working exploit for a flaw in Windows Remote Desktop at roughly the same time as Microsoft released its patch for the vulnerability.

The MAPP system provides security developers with details on vulnerabilities ahead of Microsoft's monthly patch release, allowing vendors to patch their own products at the same time Microsoft discloses the flaws.

The early arrival of the Remote Desktop malware lead the company to suspect a vendor had handed the MAPP data over to third parties.

"Our goal with MAPP is to have a transparent, effective programme in place," wrote Microsoft senior program manager Maarten Can Horenbeack.

"As such, we routinely evaluate MAPP partners to ensure they are adhering to programme guidelines, taking action to correct any partner deviations from our programme charter."

The news comes as Microsoft prepares to issues the May edition of its Patch Tuesday security update.

The company said that the patch, planned for release on 8 May at roughly 1800 BST, would include three critical fixes and four important fixes.

The update will address remote code execution flaws in Microsoft Office, Windows and the .NET Framework as well as a pair of elevation of privilege vulnerabilities in Windows.