Microsoft Spurned Researcher Collective is a new group of disgruntled experts whom Microsoft mistreated after they had helped Microsoft discover serious bugs in its software. According to this news item, Microsoft's attitude towards security vulnerabilities is absolutely appalling and Microsoft should be slammed for it.
In October 2006, security researcher H.D. Moore discovered a serious problem with the way applications running on Windows display rich text content.
He reported the vulnerability to Microsoft and nearly four years later it's still not fixed, despite the fact that it could be exploited to run malicious code on a PC and take control of it.
Unfortunately, this is not an isolated incident. According to the Zero Day Initiative, which serves as a broker between security researchers who find flaws and software companies who need to fix them, there are 122 outstanding vulnerabilities that have been reported to vendors and which have not been patched yet. The oldest on the list was reported to IBM in May 2007 and more than 30 of the outstanding vulnerabilities are older than a year.
The data used for this study were collected and analyzed between April 20, 2010 and April 22, 2010, resulting in an overall total data set of approximately 1,708 confirmed malware files. The files were then run through the latest release of the top desktop AV solutions upon initial detection and again every six hours for one month to determine their detection and lag rates.