Full Disclosure mailing list archives
RE: How to Report a Security Vulnerability toMicrosoft
From: "Airey, John" <John.Airey () rnib org uk>
Date: Mon, 11 Apr 2005 16:43:21 +0100
-----Original Message----- From: Ag. System Administrator [mailto:sysadmin () agent co il] Sent: 11 April 2005 16:36 To: Airey, John Cc: Full-Disclosure Subject: Re: [Full-disclosure] How to Report a Security Vulnerability toMicrosoft Airey, John wrote:-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Microsoft Security Response Center Sent: 08 April 2005 20:21 To: bugtraq () securityfocus com; ntbugtraq () listserv ntbugtraq com; full-disclosure () lists grok org uk Subject: [Full-disclosure] How to Report a Security Vulnerability toMicrosoft -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! The Microsoft Security Response Center investigates all reports of security vulnerabilities sent to us that affect Microsoft products. If you believe you have found a security vulnerability affecting a Microsoft product, we would like to work with you to investigate it. We are concerned that people might not know the best way to report security vulnerabilities to Microsoft. You can contact theMicrosoftSecurity Response Center to report a vulnerability by emailing secure () microsoft com directly, or you can submit yourreport via ourweb-based vulnerability reporting form located at: https://www.microsoft.com/technet/security/bulletin/alertus.aspx. Sincerely, Microsoft Security Response Center[snip] Unless there's something wrong at my end (I hope not), this message doesn't appear to have been signed with the key at http://www.microsoft.com/technet/Security/bulletin/pgp.mspx. Am I right or not?not. Key Id: 0xAA55BC66 / Signed on: 04/08/2005 10:17 PM It's them...
That's the key id on the web page, but the key id of the key on that page says 0x0B2E5E2D. It has fingerprint E561 2A79 6439 13E4 430B 92F0 2732 52F1 and never expires. Can anyone else confirm this? -- John Airey, BSc (Jt Hons), CNE, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey () rnib org uk I'm cycling the 2005 Etape du Tour in France to raise vital funds for RNIB, if you'd like to sponsor me, visit http://justgiving.com/rnibetape. "A man cannot consider himself educated unless he has read the Bible" - Abraham Lincoln -- DISCLAIMER: NOTICE: The information contained in this email and any attachments is confidential and may be privileged. If you are not the intended recipient you should not use, disclose, distribute or copy any of the content of it or of any attachment; you are requested to notify the sender immediately of your receipt of the email and then to delete it and any attachments from your system. RNIB endeavours to ensure that emails and any attachments generated by its staff are free from viruses or other contaminants. However, it cannot accept any responsibility for any such which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: How to Report a Security Vulnerability toMicrosoft Airey, John (Apr 11)
- Re: How to Report a Security Vulnerability toMicrosoft Ag. System Administrator (Apr 12)
- Re: How to Report a Security Vulnerability toMicrosoft Andrew Farmer (Apr 12)
- Re: How to Report a Security Vulnerability toMicrosoft Ag. System Administrator (Apr 12)
- Re: How to Report a Security Vulnerability toMicrosoft Andrew Farmer (Apr 12)
- Re: How to Report a Security Vulnerability toMicrosoft Ag. System Administrator (Apr 12)