Navigation section

coordinated disclosure

About this tag
Coordinated disclosure is a key practice in cybersecurity where vulnerabilities are privately reported to vendors, allowing them to develop and release fixes before public details emerge. On WindowsForum, discussions highlight Microsoft's Security Response Center (MSRC) and its role in managing coordinated disclosure for over 20 years, including bounty programs for speculative execution side-channel vulnerabilities and participation in security conferences like Black Hat. The tag covers how Microsoft engages with researchers to responsibly disclose flaws, protect customers, and improve security posture through structured programs and customer guidance.
  1. News

    VIDEO Inside MSRC: Sharing Our Story & Customer Tips

    For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
    • News
    • Thread
    • best practices blue teams bug bounty cloud security code security coordinated disclosure customer tips cybersecurity government programs industry programs microsoft msrc operational security red team security security best practices security conferences video vulnerability
    • Replies: 1
    • Forum: Security Alerts
  2. News

    Speculative Execution Bounty Launch

    Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...
    • News
    • Thread
    • attack techniques bounty program bounty tiers coordinated disclosure cve-2017-5715 cve-2017-5753 microsoft microsoft azure mitigation payouts research security research speculative execution threat landscape tier 1 tier 2 tier 3 tier 4 vulnerability windows 10
    • Replies: 0
    • Forum: Security Alerts
  3. News

    Black Hat 2010

    BH Landscape Next week, many of us here will be heading down to Las Vegas for Black Hat. The MSRC, and other teams in Microsoft, have been attending Black Hat for years. In fact, we've been sponsoring the show for the last eight years-the last five as a platinum sponsor. Some might ask why...
    • News
    • Thread
    • attack black hat bluehat collaboration community coordinated disclosure crisis management fix information disclosure microsoft msrc network security research security telemetry threat landscape training trustworthy computing update vulnerability
    • Replies: 0
    • Forum: Security Alerts
Back
Top