Re: [mailop] Microsoft security contact

Fri, 10 Oct 2025 05:24:44 -0700 

Le 10/10/2025 à 13:00, Giovanni Bechis via mailop a écrit :
does anybody knows of a Microsoft security contact I can talk about an issue ? 

Hi,
maybe you can use the security.txt ?
https://securitytxt.org/

Microsoft implements this


$ http https://microsoft.com./.well-known/security.txt
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Fri, 10 Oct 2025 12:12:10 GMT
Location: https://www.microsoft.com/.well-known/security.txt
Strict-Transport-Security: max-age=31536000
X-Cache: CONFIG_NOCACHE
x-azure-ref: 20251010T121210Z-r15d8cfbd96sjwtdhC1PARtkw8000000024g0000000051f1



$ http https://www.microsoft.com./.well-known/security.txt
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET,OPTIONS,HEAD,DELETE,PATCH
Access-Control-Allow-Origin: https://msrc.microsoft.com
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 446
Content-Type: text/plain; charset=utf-8
Date: Fri, 10 Oct 2025 12:12:21 GMT
Last-Modified: Wed, 01 Oct 2025 16:24:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
TLS_version: tls1.3
Vary: Accept-Encoding
X-AFD: WWWRule
X-Cache-Info: L2_T2
X-RTag: OneRoute_Default
ms-cv: CASMicrosoftCV9fb5f6b2.0
ms-cv-esi: CASMicrosoftCV9fb5f6b2.0
x-app-env: prd
x-azure-ref: 20251005T200459Z-1788dbc7d95wcpqphC1PARq2cs00000019p000000000ay5p


# Our security acknowledgements page 
Acknowledgments: https://msrc.microsoft.com/update-guide/acknowledgement



# Canonical URI 
Canonical: https://www.microsoft.com/.well-known/security.txt



# Our Researcher Portal  
Contact: https://msrc.microsoft.com/report/vulnerability/new



# Our PGP Key 
Encryption: https://msrc.microsoft.com/.well-known/csaf/openpgp/998D7EC1A516E3D17FF90480EF148D3CDE714E0D.asc


Expires: 2026-09-23T16:00:00.000Z


# Our Bounty policy 
Policy: https://www.microsoft.com/en-us/msrc/bounty/



# Our Coordinated Vulnerability Disclosure Policy 
Policy: https://www.microsoft.com/en-us/msrc/cvd
 
# Our Bounty Legal Safe Harbor Policy 
Policy: https://www.microsoft.com/en-us/msrc/bounty-safe-harbor


# Our Common Security Advisory Framework (CSAF) publications
CSAF: https://msrc.microsoft.com/csaf/provider-metadata.json

Preferred-Languages: en



--
Grégory Rocher
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop






















					Reply via email to