Microsoft

Schneier - Crypto-Gram August 15, 1999

1999/08/15 : Here is the monthly newsletter written by Schneier on his blog. He speaks among other things about Back Orifice.

This artifact is part of the Back Orifice Bundle and the...Read more

Microsoft Reveals Anti-Disclosure Plan (Poulsen paper)

2001/11/09 : One month after Culp article, future OIS (Organization for Internet Safety) was announced. Kevin Poulsen analysed what was happening. 

"Microsoft and five major computer security companies rounded up the three-day Trusted Computing...Read more

Coordinated Vulnerability Disclosure: Bringing Balance to the Force (Microsoft)

2010/07/22 : "Today on the MSRC [Microsoft Security Response Center] blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated...Read more

Coordinated Vulnerability Disclosure Reloaded (Microsoft)

2011/04/19 : Microsoft reloaded its Coordinate Vulnerability Disclosure.

This artifact is part of the Microsoft Vulnerability Disclosure Bundle.Read more

Remote print server gives anyone Windows admin privileges on a PC

2021/07/31 : Lawrence Abrams writes a paper about a new event of full disclosure.

"A researcher has created a remote print server allowing any Windows user with limited privileges to gain complete control over a device simply by installing a print driver."Read more

Coordinated Vulnerability Disclosure: From Philosophy to Practice (Microsoft)

2011/04/19 : Microsoft publishes a paper on CVD to explain in more details how it is working.

"Today, we’re providing more transparency and insight into our disclosure philosophy by announcing three updates to our disclosure practices – a CVD at Microsoft document, MSVR...Read more

Wannacry Ransomware

2017/05 : "The WannaCry ransomware attack was a worldwide cyberattack in May 2017 by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency." (Wikipedia)Read more
NEOHAPSIS - LeBlanc reaction on Culp essay

2001/11/02 : David LeBlanc, founding member of the Trustworthy Computing Initiative at Microsoft, defend Culp. 

"So a vendor who won't fix bugs unless their customers are threatened with active attack is a very different problem than one who fixes problems...Read more

Culp - It's time to end information anarchy

2001/10 : Scott Culp, who founded MSRC (Microsoft Security Response Center), wrote an influential paper, after a series of attacks (virus and worms) from Feb to September 2001. At this time, the irritation against hackers and full disclosures was already calm since months.

Culp...Read more

Culp Debate

Culp - It's time to end information anarchy
A Step Towards Information Anarchy: A Call To Arms - hellNbak
Information Anarchy: The Blame Game? - Edwards reaction on Culp essay
Security in an Open Electronic Society - Levy reaction on Culp essay
Peace of Mind Through Integrity and Insight - Manzuik reaction on Culp essay
Keeping Security Issues in the Open - Davies reaction on Culp essay
NEOHAPSIS - LeBlanc reaction on Culp essay
Security woes: Who is to blame? - Culp interview
MS says stop discussing hack exploits - Leyden paper
ACM: Digital Library: Computers and Society - Bollinger paper
Full Disclosure of Vulnerabilities – pros/cons and fake arguments (Vidstrom paper)
Microsoft's Responsible Vulnerability Disclosure, The New Non-Issue
How do we define Responsible Disclosure? - Shepherd

2003/04/22 : Stephen A. Shepherd define what is responsible disclosure and make a summary of vulnerability disclosure history at this stage.Read more

Hackers keep the heat on Windows NT security (L0pht)

1997 : L0pht, "a group of sophisticated hackers has stepped up the assault on the security of Microsoft's Windows NT operating system."

The group began then negotiating with Microsoft and other companies. They agreed to notice them a month before the...Read more

Subscribe to Microsoft
Need help with PECE?
Join the PECE Slack channel