Vupen’s finding is one of the first issues for Windows 8, released last week, and Internet Explorer 10, although vulnerabilities have since been found in other third-party software that runs on the Windows 8.
Dave Forstrom, Microsoft’s Trustworthy Computing director, said the company encourages researchers to participate in its Coordinated Vulnerability Disclosure program, which asks that people give it time to fix the software problem before publicly disclosing it.
“We saw the tweet, but further details have not been shared with us,” Forstrom said in a statement.