Apparently none of the ways I've told @msftsecresponse about this have taken hold:
CVEs ideally get assigned at public disclosure time, not at patch release time. Why was ADV200006 released without a CVE?
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006 …
Microsoft is a CNA and should know this.
@n0x08
-
Show this thread
Seriously @msftsecresponse
This isn't secret knowledge that only lives in @SushiDude's mind.
Ask virtually anybody who works in the security field what a CVE ID is supposed to be used for.
They might be able to help steer you in the right direction...pic.twitter.com/Gc3zkxjl71
10:51 AM - 14 Apr 2020
0 replies
0 retweets
5 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.