We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.
Reciente Security Advisory de Microsoft
acerca de la nueva vulnerabilidad en SMB que afecta a Windows Vista y Server 2008