Bing

If you have found a security vulnerability in any of Microsoft’s online services, please send e-mail to [email protected]. We will respond to your submission within 24 hours and start working right away to remediate the vulnerability. To help our engineers identify the potential vulnerability, please include as much information in your report as possible. For example, include the following:

• Proof-of-concept and/or URL demonstrating the vulnerability
• Type of issue (cross-site scripting, buffer overflow, SQL injection, etc.)
• Any special configuration required to reproduce the issue
• Impact of the issue, including how an attacker could exploit the issue

To encrypt your message to our PGP key, please go to the Microsoft Security Response Center PGP Key and S/MIME Certificate page for further information.

Please note that the Microsoft Security Response Center does not provide technical support for Microsoft products. If you need assistance with something other than reporting a possible security vulnerability, please see the statement below that most closely matches your situation and expand the statement for next steps.