A security researcher has posted a claimed list of yet-to-be-patched Windows 10 vulnerabilities on Twitter after getting frustrated with Microsoft not paying bounties for his submissions.

https://twitter.com/jonasLyk/status/1282945750746509313

The researcher claims providing proof of concepts to Microsoft for all submitted vulnerabilities.

https://twitter.com/jonasLyk/status/1282961794538012672

He has also posted a video that reveals the vulnerability of “bypassing password without desktop”.

https://twitter.com/jonasLyk/status/1282954447195340800

While we have yet to hear Microsoft’s side of story, this raises big questions about the corporate giant’s engagement with external researchers. Perhaps this fall-out could have been avoided with better communication from both sides.