Full Disclosure: Re: How to Report a Security Vulnerability toMicrosoft

["Ag. System Administrator" <sysadmin () agent co il>]

Airey, John wrote:
> > -----Original Message-----
> > From: full-disclosure-bounces () lists grok org uk 
> > [mailto:full-disclosure-bounces () lists grok org uk] On Behalf 
> > Of Microsoft Security Response Center
> > Sent: 08 April 2005 20:21
> > To: bugtraq () securityfocus com; 
> > ntbugtraq () listserv ntbugtraq com; full-disclosure () lists grok org uk
> > Subject: [Full-disclosure] How to Report a Security 
> > Vulnerability toMicrosoft
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hello!
> >
> > The Microsoft Security Response Center investigates all 
> > reports of security vulnerabilities sent to us that affect 
> > Microsoft products.
> > If you believe you have found a security vulnerability 
> > affecting a Microsoft product, we would like to work with you 
> > to investigate it.
> > We are concerned that people might not know the best way to 
> > report security vulnerabilities to Microsoft. You can contact 
> > the Microsoft Security Response Center to report a 
> > vulnerability by emailing secure () microsoft com directly, or 
> > you can submit your report via our web-based vulnerability 
> > reporting form located at:
> > https://www.microsoft.com/technet/security/bulletin/alertus.aspx.
> >
> > Sincerely,
> > Microsoft Security Response Center 
> [snip]
>
> Unless there's something wrong at my end (I hope not), this message
> doesn't appear to have been signed with the key at
> http://www.microsoft.com/technet/Security/bulletin/pgp.mspx.
>
> Am I right or not?
not.

Key Id: 0xAA55BC66 / Signed on: 04/08/2005 10:17 PM

It's them...


Have fun,
Dan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/