Wednesday, 20 May 2026

Dear Microsoft,

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512


Regarding CVE-2026-45585,


"Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices."


Saying that I violated CVD best practices is a defamation of my personal reputation. You already told me you will be defaming me, and doing it in public will not help dissolve this conflict.

You intentionally revoked my access to my MSRC account that I used to report vulnerabilities to you. When I asked you, you went ahead and completely wiped the account from existence despite multiple attempts at asking for an explanation. All of those requests went unanswered by the MSRC leadership.


I'm taking your statement very personally.


-----BEGIN PGP SIGNATURE-----


iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCag3sIAAKCRDFFoRCS0/S

bGSGAQDELxy4ZBT4kvHoIHtyX0FEbGZdTaksQOrOLwLVOWRYhQEAgvaD1GeSyK2+

oWRzWr9CNANzXZMKgRBkUFoQG9Tv1AA=

=WRSl

-----END PGP SIGNATURE-----


1 comment:

  1. Can you please use the following as potential vulnerability names: "Expected Behavior Exposure", "Sleep Mode Betrayal", "By Design Key Leakage" or "Compliance-Friendly Data Reveal". Take care of yourself and good luck!
