Microsoft Vulnerability Severity Classification for Online Services | www.microsoft.com
Microsoft Vulnerability Severity Classification for AI Systems| www.microsoft.com
Under the principle of Coordinated Vulnerability Disclosure, researchers disclose newly discovered vulnerabilities in hardware, software, and services directly to the vendors of the affected product; to a national CERT or other coordinator who will report to the vendor privately; or to a private service that will likewise report to the vendor privately. The researcher allows the vendor the opportunity to diagnose and offer fully tested updates, workarounds, or other corrective measures before...| www.microsoft.com
Report a security vulnerability to the Microsoft Security Response Center, track the status of your report, manage your researcher profile, and more!| msrc.microsoft.com
Our commitment to protecting customers from vulnerabilities in our software, services, and devices includes providing security updates and guidance that address vulnerabilities when they are reported to Microsoft. We also want to be transparent with security researchers and our customers in our approach. This document helps to describe the criteria the Microsoft Security Response Center (MSRC) uses to determine whether a reported vulnerability affecting up-to-date and currently supported vers...| www.microsoft.com
What to expect when reporting vulnerabilities to Microsoft| msrc.microsoft.com
Microsoft Researcher Recognition Program | www.microsoft.com