The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services.
If you are a security researcher and believe you have found an issue that meets the definition of a security vulnerability and that is not resolved by the 10 Immutable Laws of Security, please notify us at firstname.lastname@example.org. Include as many of the below details as possible. This information will help us to better understand the nature and scope of the situation:
To encrypt your message to our PGP key, please download it from the Microsoft Security Response Center PGP Key. You should receive a response within 24 hours. If for some reason you do not, please follow up with us to ensure we received your original message.
For further information, please read the Acknowledgment Policy for Microsoft Security Bulletins.
Find local experts in your area