Dan's Blog

I am Principal Program Manager at Microsoft leading the Business Platform Division's (BPD) community team. BPD includes SQL Server, SQL Azure, BizTalk, AppFabric, and other technologies and services.

Disclosure of Security Threats/Vulnerabilities

Disclosure of Security Threats/Vulnerabilities

  • Comments 2

I've been having an interesting open dialog with Steve Jones (SQL Server Central) on the issue of disclosing security vulnerabilities. You can read the thread here: http://www.sqlservercentral.com/forums/shwmessage.aspx?forumid=263&messageid=267111

Feel free to chime in.

Leave a Comment
  • Please add 4 and 6 and type the answer here:
  • Post
  • What do you propose? Send an email to customer services at MS, what if the person doesnt have a "support call" with MS LOL.  Post it on usenet, post it on forums thats the only way because nobody at MS call centers listen all they want is your support contract details.  You do not have a public facing bug database, no (obvious and easy) channels for people to report this so SUFFER.
  • If you've found a potential security vulnerability in a Microsoft product you can report it here: https://www.microsoft.com/technet/security/bulletin/alertus.aspx. And this is free!
Page 1 of 1 (2 items)