WikiLeaks has confirmed the core of the story, but has a decidedly different take on the situation. While it acknowledges that most of the companies haven't taken action, it claims that Google and others aren't reacting to WikiLeaks' "industry standard responsible disclosure plan" due to "conflicts of interest" from their work with the US government. Supposedly, they're prevented from fixing these kinds of flaws due to their contracts.

More details on this situation are coming next week, WikiLeaks says. However, it's already threatening to name and shame companies by comparing their responsiveness with their "government entanglements." It points out that Mozilla and some European firms have been quicker to respond and have received some exploit data.

While it's difficult to know who's right, some caution is definitely necessary. WikiLeaks has a habit of playing up leaks, such as implying that the CIA could crack encrypted chat apps (it can only crack the devices used by those apps). Although leaks have suggested that companies might cooperate with US agencies, the truth in this case could be decidedly less exciting. Even a company fully opposed to backdoor surveillance may not want to patch flaws unless it's absolutely sure that it's legal to do so.