Bugtraq mailing list archives

Reporting Security Issues to Microsoft

From: secure () MICROSOFT COM (Microsoft Security Response Center)
Date: Thu, 8 Jun 2000 14:46:01 -0700


-----BEGIN PGP SIGNED MESSAGE-----

Hi All -

Seems like there's been a recent increase in the number of postings
whose theme is "I reported this to Microsoft but never heard anything
back".  In each case, we've checked our records but, in most cases,
found no record of the issue having been sent to the Security Response
Center.  We answer every email, and track every report we receive, so
we believe that the reports in question may have been sent to other
email addresses at Microsoft.

While most folks at Microsoft know to forward reports of potential
security vulnerabilities to us, the best way to ensure that the right
people are on the case is to send the report directly to us here at
the Security Response Center by emailing to secure () microsoft com.
There's specific information at
http://www.microsoft.com/technet/security/contact.asp, discussing what
kinds of issues we can help with.  Look forward to talking with you.
Regards,

Secure () microsoft com

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQEVAwUBOUAUL40ZSRQxA/UrAQFLnggAqYFXSsYyY3U2s14OSH7DxV1i2xYYaqk+
VyZo+cruzBjBl94XCusoyaWOaJRPBdhiUhiTrfavinZeiqzVBDk7ubDxh0H4IiSX
OC+TQs6i69YJ0LUOhnj75snGdFM7nyh939cQCwVDQL70/0yRiiLKw+dwbqGdall2
80BBQlc/brZ7WCT0epNJUkrSqeg5CeW6r1tmWvrFXHO3Ybj+lVFUlK7QyJyGfPlt
DrIHkr+pZ2PjuZ02V16bsibQiEes1fR27ss0aU89chWl5zeuBBuIvs96eT57HxHw
wm+wKnL+AWULgeVKjRDBvgLkvIknJqccH2Y/5ZogWTrIdOj2MtyNgw==
=cNBU
-----END PGP SIGNATURE-----

Current thread:

Sendmail local root exploit on linux 2.2.x Florian Heinz (Jun 08)
- Snort 1.6 and nmap 2.54beta1 Galileo (May 12)
  - Re: Snort 1.6 and nmap 2.54beta1 Simple Nomad (Jun 14)
  - Security Advisory: REMOTE ROOT VULNERABILITY IN GSSFTP DAEMON Tom Yu (Jun 14)
  - Security Advisory: local ROOT exploit in BRU Technical Support (Jun 14)
  - Re: Snort 1.6 and nmap 2.54beta1 Martin Roesch (Jun 14)
- Re: Sendmail local root exploit on linux 2.2.x Mark K. Pettit (Jun 08)
- Reporting Security Issues to Microsoft Microsoft Security Response Center (Jun 08)
- Re: Sendmail local root exploit on linux 2.2.x Christophe GRENIER (Jun 08)
- arprelay: a tool to edit TCP connections in a LAN Felix von Leitner (Jun 09)
- Re: Sendmail local root exploit on linux 2.2.x Alan Iwi (Jun 12)
- Splitvt exploit syzop (Jun 14)
  - Re: Splitvt exploit Joey Hess (Jun 14)
    - Re: Splitvt exploit Andrey Savochkin (Jun 16)
    - Re: Splitvt exploit Joey Hess (Jun 16)
    - NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 20)
  - Re: Splitvt exploit Kris Kennaway (Jun 15)
  - Re-release of IIS 5.0 Patch for MS00-031 Microsoft Product Security (Jun 16)

(Thread continues...)