| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050412204241.GC5168@sivokote.iziade.m$> Date: Tue Apr 12 21:42:46 2005 From: guninski at guninski.com (Georgi Guninski) Subject: How to Report a Security VulnerabilitytoMicrosoft On Mon, Apr 11, 2005 at 01:55:00PM -0400, mcbain@....com wrote: > They do want you to communicate with them (or vendors) in a more responsible manner but at the same time totally admit to their "PR issue" and how they have handled bug finders in the past and internal security in the past and are changing. There email in this thread is exactly the truth as it was written. > calculate the difference in the dates: http://www.securityfocus.com/archive/1/395563/2005-04-09/2005-04-15/0 Microsoft MSHTA Script Execution Vulnerability iDEFENSE Security Advisory 04.12.05 www.idefense.com/application/poi/display?id=231&type=vulnerabilities April 12, 2005 VIII. DISCLOSURE TIMELINE 11/02/2004 Initial vendor notification 11/02/2004 Initial vendor response 04/12/2005 Coordinated public disclosure http://www.securityfocus.com/archive/1/395562/2005-04-09/2005-04-15/0 VIII. DISCLOSURE TIMELINE 10/25/2004 Initial vendor notification 10/25/2004 Initial vendor response 04/12/2005 Coordinated public disclosure http://www.securityfocus.com/archive/1/395559/2005-04-09/2005-04-15/0 VIII. DISCLOSURE TIMELINE 11/11/2004 Initial vendor notification 11/11/2004 Initial vendor response 04/12/2005 Coordinated public disclosure -- where do you want bill gates to go today?
Powered by blists - more mailing lists