Dan's Blog : Disclosure of Security Threats/Vulnerabilities

Disclosure of Security Threats/Vulnerabilities

I've been having an interesting open dialog with Steve Jones (SQL Server Central) on the issue of disclosing security vulnerabilities. You can read the thread here: http://www.sqlservercentral.com/forums/shwmessage.aspx?forumid=263&messageid=267111

Feel free to chime in.

Published Wednesday, March 22, 2006 8:06 AM by dtjones

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Disclosure of Security Threats/Vulnerabilities

What do you propose? Send an email to customer services at MS, what if the person doesnt have a "support call" with MS LOL. Post it on usenet, post it on forums thats the only way because nobody at MS call centers listen all they want is your support contract details. You do not have a public facing bug database, no (obvious and easy) channels for people to report this so SUFFER.

Wednesday, March 22, 2006 11:50 AM by wahaha

# re: Disclosure of Security Threats/Vulnerabilities

If you've found a potential security vulnerability in a Microsoft product you can report it here: https://www.microsoft.com/technet/security/bulletin/alertus.aspx. And this is free!

Saturday, April 01, 2006 1:32 AM by dtjones

Title (required)
Name required
Your URL
Comments (required)

Enter Code Here: Required
Remember Me?

Dan's Blog

This Blog

Syndication

Search

Tags

Archives

Disclosure of Security Threats/Vulnerabilities

Comment Notification

Comments

# re: Disclosure of Security Threats/Vulnerabilities

# re: Disclosure of Security Threats/Vulnerabilities

Leave a Comment