I’m not sure why you think it’s the researchers responsibility to verify patches. It would be nice, especially if they’re knowledgeable in the code, but Microsoft have the resources to put someone else in that position too.
I’m not sure why you think it’s the researchers responsibility to verify patches. It would be nice, especially if they’re knowledgeable in the code, but Microsoft have the resources to put someone else in that position too.
The researchers in this case literally checked the patch after release. It costs nothing to send them a pre-release and ask the question
That’s different. I’m not here to mark your work but if you publish your work, I’m happy to publicly point out that you’re wrong, especially if you’re Microsoft size and should have work checkers internally and are continually doing the wrong think and putting people at risk as a result.