It would have been a courtesy to Teams users too, not just MS. I don't see the downside of going through the proper channels before disclosing this publicly unless the goal is some kind of "revenge" for the bug.
There is a difference between unintended yet inevitable bugs and negligence.
Deliberately cheapening out on security because security researchers generally hold to a responsible disclosure procedure is not in the users interest.
This is not one of those inevitable bugs. This is an indicator that there maybe security issues littered throughout the system because no one cares.
Deliberately cheapening out on security because security researchers generally hold to a responsible disclosure procedure is not in the users interest.
This is not one of those inevitable bugs. This is an indicator that there maybe security issues littered throughout the system because no one cares.