Security vendor FireEye has been caught up in an issue which saw a researcher lose his job for reporting a vulnerability to the vendor.
According to IT News, researcher Jean-Marie Bourbon of French IT vendor Sogeti posted details of multiple vulnerabilities in security firm FireEye’s Malware Analysis System 6.4.1, along with proof-of-concepts exploits for them. However he later claimed that Sogeti had fired him for the incident under pressure from FireEye.
FireEye denied this, saying it believes in responsible disclosure, and Bourbon later told Forbes Magazine that he had been suspended, rather than fired, but insisted that FireEye had put pressure on Sogeti to punish him.
FireEye has released a security bulletin [PDF] for the vulnerabilities and that many of them had been communicated in product release notes.
