Microsoft reaches for olive branch after public dustup with 0-day researcher

Microsoft softened its rhetoric after criticism for appearing to threaten legal action against a researcher (Nightmare-Eclipse) who published multiple Windows zero-days and proof-of-concept exploit code; several of those flaws have been exploited in the wild and the researcher claims a forthcoming Secure Boot/BitLocker bypass dubbed "Bitskrieg". The article describes community concern that Microsoft’s initial language could chill vulnerability research, and notes Microsoft reiterated it does not intend to pursue researchers while still advocating private disclosure.