[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft
- To: mcbain@xxxxxxx
- Subject: Re: [Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft
- From: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Date: Tue, 12 Apr 2005 23:42:41 +0300
On Mon, Apr 11, 2005 at 01:55:00PM -0400, mcbain@xxxxxxx wrote:
> They do want you to communicate with them (or vendors) in a more
> responsible manner but at the same time totally admit to their "PR issue" and
> how they have handled bug finders in the past and internal security in the
> past and are changing. There email in this thread is exactly the truth as it
> was written.
>
calculate the difference in the dates:
http://www.securityfocus.com/archive/1/395563/2005-04-09/2005-04-15/0
Microsoft MSHTA Script Execution Vulnerability
iDEFENSE Security Advisory 04.12.05
www.idefense.com/application/poi/display?id=231&type=vulnerabilities
April 12, 2005
VIII. DISCLOSURE TIMELINE
11/02/2004 Initial vendor notification
11/02/2004 Initial vendor response
04/12/2005 Coordinated public disclosure
http://www.securityfocus.com/archive/1/395562/2005-04-09/2005-04-15/0
VIII. DISCLOSURE TIMELINE
10/25/2004 Initial vendor notification
10/25/2004 Initial vendor response
04/12/2005 Coordinated public disclosure
http://www.securityfocus.com/archive/1/395559/2005-04-09/2005-04-15/0
VIII. DISCLOSURE TIMELINE
11/11/2004 Initial vendor notification
11/11/2004 Initial vendor response
04/12/2005 Coordinated public disclosure
--
where do you want bill gates to go today?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/