RE: How do I report a security flaw in SUS product

From: Michael Laing [MS] (mdonlinelaing@microsoft.com)
Date: 11/13/02


From: mdonlinelaing@microsoft.com (Michael Laing [MS])
Date: Wed, 13 Nov 2002 01:05:29 GMT


Microsoft has an official process for investigating possible security
vulnerabilities. Please send as much information as you have regarding the
possible vulnerability to secure@microsoft.com. Microsoft will respond to
you within 24 hours and will open an investigation based on the information
you provide.

Thanks,

Michael Laing
Microsoft Developer Support
Internet Information Server

***********************
>>Please do not send email directly to this alias. This is an online
account name for newsgroup participation only.<<

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
2002 Microsoft Corporation. All rights reserved.
***********************
--------------------
| Content-Class: urn:content-classes:message
| From: "James McVicar" <jmcvicar@autoyes.com>
| Sender: "James McVicar" <jmcvicar@autoyes.com>
| Subject: How do I report a security flaw in SUS product
| Date: Tue, 12 Nov 2002 07:18:24 -0800
| Lines: 5
| Message-ID: <e76301c28a5e$be7eb8d0$2ae2c90a@phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcKKXr5+WSVmAK0UQrWTc3kU4yS0WQ==
| Newsgroups: microsoft.public.inetserver.iis.security
| Path: cpmsftngxa09
| Xref: cpmsftngxa09 microsoft.public.inetserver.iis.security:12630
| NNTP-Posting-Host: TKMSFTNGXA14 10.201.226.42
| X-Tomcat-NG: microsoft.public.inetserver.iis.security
|
| I have discovered a major security risk associated with
| the Software Update Services product that runs on IIS.
| How do I report that to MS?
|
|
|



Relevant Pages