Microsoft suspends developer accounts for popular open-source projects

April 10, 20262 min read1 sources
Share:
Microsoft suspends developer accounts for popular open-source projects

Microsoft has suspended the developer accounts for several widely used open-source applications, including Rufus, qBittorrent, and ShareX, effectively blocking them from distributing new software builds and critical security patches to Windows users.

The suspensions, which began in late May 2024, were reportedly executed without clear prior notification. Affected developers stated they received only vague explanations citing policy violations or "malware" without specific, actionable details, leaving them unable to address the supposed issues. The blocks primarily impact accounts on the Microsoft Partner Center and the Microsoft Store, crucial platforms for software distribution and management.

Pete Batard, the developer of the popular bootable USB utility Rufus, was among the first to report the issue. He criticized the company’s opaque appeals process, stating on his blog that "Microsoft's ability to provide a usable appeal process for developers is non-existent." For Rufus, the suspension also impacted the ability to digitally sign software, which can cause security warnings and erode user trust.

The teams behind the qBittorrent client and ShareX screenshot tool also confirmed their Microsoft Store accounts were suspended, halting all application updates delivered through that channel.

The most significant impact of these administrative actions is the immediate security risk posed to end-users. By preventing developers from pushing timely patches, users who rely on the Microsoft Store for updates are left with older, potentially vulnerable software versions. This administrative block creates a window of opportunity for attackers to exploit known flaws that developers are now unable to fix for their Store-based users. The incident has sparked widespread frustration within the open-source community, raising concerns about the reliability and transparency of Microsoft's developer platforms.

Share:

// SOURCES

// RELATED

Meta settles bellwether lawsuit alleging addictive design harmed student mental health

Meta's confidential settlement with a Washington school district marks a pivotal moment in the massive litigation against social media's psychological

6 min readMay 24

Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network

A sophisticated zero-day attack on Huawei routers allegedly caused Luxembourg's 2023 national telecom outage, raising severe global security concerns.

6 min readMay 23

MiniPlasma Windows 0-day enables SYSTEM privilege escalation on fully patched systems

A newly disclosed 0-day flaw, MiniPlasma, allows attackers to gain full SYSTEM control on patched Windows systems, with a public PoC accelerating risk

6 min readMay 18

The ransomware dilemma: why more than half of security chiefs would pay the price

A new survey reveals 56% of CISOs would consider paying a ransom, highlighting the intense pressure to restore operations despite official guidance.

6 min readMay 16