Microsoft Reverses Stance on Zero-Day Researcher Threat

Microsoft has reversed its threat of legal action against researcher Chaotic Eclipse and Nightmare Eclipse who disclosed zero-day vulnerabilities for Microsoft products. The company now states it has no intention to pursue legal action against individuals conducting or publishing security research. The controversy arose during a vulnerability disclosure process where the researcher shared proof-of-concept exploits publicly. Microsoft issued a statement on Monday clarifying its zero-day disclosure policy. The incident reflects tension between security researchers and Microsoft over disclosure practices.