[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    MS security bugs
From:       Paul Leach <paulle () MICROSOFT ! COM>
Date:       1999-04-27 19:58:56
[Download RAW message or body]

Since some recent postings said they didn't know how to report bugs to
Microsoft: please send reports of security bugs to "secure@microsoft.com".

If you report a bug, you will initially get the following automated
response:

Thank you for your note to Secure@Microsoft.Com.  Microsoft takes security
very seriously, and we've developed this service to make it easy for
customers to report potential security vulnerabilities in our products.  To
help us better understand the issue that you're reporting, please make sure
that you have provided as much detail as possible, including:

- A complete description of the vulnerability, particularly what products
are involved, how the vulnerability occurs, and what the security risk is.
- Information that will allow us to reproduce the problem.  This should
include a description of the scenario in which the problem occurs, and the
version numbers of the products and operating system that you were using
when you found the vulnerability. If you have applied any service packs or
hotfixes, please tell us which ones. If the vulnerability involves a Web
site, please give us its URL.
- Your contact information, either an e-mail address or a phone number, in
case an engineer needs to contact you for additional information.

Unfortunately, we cannot provide technical support from this mailbox.  If
you need help using a Microsoft product or have questions about a Microsoft
Product, please see http://www.microsoft.com/support for information on the
various types of technical support that are available.

[prev in list] [next in list] [prev in thread] [next in thread]