Find a Bug? Don't E-Mail Microsoft

Find a Bug? Don't E-Mail Microsoft
Brian McWilliams, SecurityFocus 2002-07-23

It may be the most-used vendor bug reporting address in history. This week Redmond put "secure@microsoft.com" out to pasture in favor of a handy Web form.

Expand all | Post comment

Find a Bug? Don't E-Mail Microsoft 2002-07-23
Anonymous (1 replies)

Find a Bug? Don't E-Mail Microsoft 2002-07-24
Anonymous

Poor Idea, baby goes out with the bathwater... 2002-07-23
Geoff Shively

Two reporting routes are better than one. 2002-07-24
Avro (1 replies)

There is an large advantages to this form for both micorsoft and the security comunity in that this form requires some basic infomation and most importantly an decription of how to reproduce this attack. With out this infomation the form can not be sent meaning that the number of incompleet discriptions (either through ignorance of the problem or forgetfull omission) are going to be cut down leaving the microsoft security staff more time to do what we want them to do, research and fix the real problems. It is true that this form is not suffecant for a true profisonal bug report but the secure (at) microsoft (dot) com [email concealed] door is not closed, just not for the regular public, they have there route we have ours.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/545/15809#15809

Two reporting routes are better than one. 2002-07-24
Johan Denoyer

Don't E-Mail Microsoft--they dont care!!! 2002-07-24
technicolour yawn (1 replies)

Re: Don't E-Mail Microsoft--they dont care!!! 2009-07-06
Ben

Hmmmmm 2002-07-24
Anonymous Coward from dk

Paper trail... 2002-07-24
Michel Salim <salimma1NOatSPAMyahoo.co.uk