On 10/10/25 2:14 PM, Gregory ROCHER via mailop wrote:
Le 10/10/2025 à 13:00, Giovanni Bechis via mailop a écrit :does anybody knows of a Microsoft security contact I can talk about an issue ?Hi, maybe you can use the security.txt ? https://securitytxt.org/
Thanks Giovanni
Microsoft implements this$ http https://microsoft.com./.well-known/security.txt HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 0 Content-Type: text/html Date: Fri, 10 Oct 2025 12:12:10 GMT Location: https://www.microsoft.com/.well-known/security.txt Strict-Transport-Security: max-age=31536000 X-Cache: CONFIG_NOCACHE x-azure-ref: 20251010T121210Z-r15d8cfbd96sjwtdhC1PARtkw8000000024g0000000051f1 $ http https://www.microsoft.com./.well-known/security.txt HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Methods: GET,OPTIONS,HEAD,DELETE,PATCH Access-Control-Allow-Origin: https://msrc.microsoft.com Connection: keep-alive Content-Encoding: gzip Content-Length: 446 Content-Type: text/plain; charset=utf-8 Date: Fri, 10 Oct 2025 12:12:21 GMT Last-Modified: Wed, 01 Oct 2025 16:24:36 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains; preload TLS_version: tls1.3 Vary: Accept-Encoding X-AFD: WWWRule X-Cache-Info: L2_T2 X-RTag: OneRoute_Default ms-cv: CASMicrosoftCV9fb5f6b2.0 ms-cv-esi: CASMicrosoftCV9fb5f6b2.0 x-app-env: prd x-azure-ref: 20251005T200459Z-1788dbc7d95wcpqphC1PARq2cs00000019p000000000ay5p # Our security acknowledgements page Acknowledgments: https://msrc.microsoft.com/update-guide/acknowledgement # Canonical URI Canonical: https://www.microsoft.com/.well-known/security.txt # Our Researcher Portal Contact: https://msrc.microsoft.com/report/vulnerability/new # Our PGP Key Encryption: https://msrc.microsoft.com/.well-known/csaf/openpgp/998D7EC1A516E3D17FF90480EF148D3CDE714E0D.asc Expires: 2026-09-23T16:00:00.000Z # Our Bounty policy Policy: https://www.microsoft.com/en-us/msrc/bounty/ # Our Coordinated Vulnerability Disclosure Policy Policy: https://www.microsoft.com/en-us/msrc/cvd # Our Bounty Legal Safe Harbor Policy Policy: https://www.microsoft.com/en-us/msrc/bounty-safe-harbor # Our Common Security Advisory Framework (CSAF) publications CSAF: https://msrc.microsoft.com/csaf/provider-metadata.json Preferred-Languages: en
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
