I've never heard of this before, so forgive me if I'm restating the obvious, but this appears to be getting in the face of Microsoft's MSRC: <a href="http://www.microsoft.com/security/msrc/" rel="nofollow">http://www.microsoft.com/security/msrc/</a> (Microsoft Security Response Center).<p>edit: Does anyone know more about the hostility they're referring to and what their objectives are? Presumably Microsoft was being less-than-cooperative?