Home Dashboard Directory Help
Search

Reporting security issues for IE by slofrog


Status: 

Active


1
0
Sign in
to vote
Type: Bug
ID: 795468
Opened: 7/31/2013 1:59:25 AM
Access Restriction: Public
0
Workaround(s)
view
0
User(s) can reproduce this bug

Description

In IE Bug reporting guidelines, you pleased us to report security issues of Internet Explorer as private (visible only for me and Microsoft). But, in IE bug form CANNOT file private bug report! If I would file a public form about security issue (and include a way how to harm other people and their computers), bad folks can read and use it for criminal.
Details
Sign in to post a comment.
Posted by ranta on 3/13/2014 at 9:49 AM
https://technet.microsoft.com/en-us/security/bulletin/pgp (Microsoft Security Response Center PGP Key and S/MIME Certificate) says:

"The Microsoft Security Response Center uses this PGP key to sign all security notifications and encourages others to use this key or our S/MIME certificate when sending sensitive information to us. You should send all security vulnerability reports to secure@microsoft.com."

If I wanted to report an Internet Explorer vulnerability privately, I'd try that address.
Perhaps this should be advertised in the IE bug form as well.
Sign in to post a workaround.