Ya I've had a rough time with MSRC too. I hear Symantec is also pretty bad aswell.... then I have another vendor trying to drag their feet and ghost me...
Had a vulnerability with POC provided rejected due to Visual Studio requiring administrative privelegies to get installed. Well- why have VS in your bounty program if installing it disqualifies any vulnerability? Bytheway- is VS installed? Your system is vulnerable with EOP vuln!
-
-
This Tweet is unavailable.
-
-
-
-
Bummer... who's bug bounty program was it? Guess your your free to share details now?
-
They get one more chance- I think this is a honest mistake.
End of conversation
New conversation -
-
-
Well MSRC responced correctly to my report and got CVE 2020 0900
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Jonas, if MSRC rejects it, post the PoC on gitbhub.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Isn’t VS out of the scope of the bug bounty program?
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.