Let’s get the details on how to Report Security Issues to Microsoft. Microsoft allows users to report security issues on different Microsoft products. They provide a solution called Microsoft Security Response Center (MSRC) to report security issues.
Have you heard about Microsoft Security Response Center (MSRC)? MSRC is part of the defender community and is on the front line of the evolution of security response. Microsoft is dedicated to protecting customers and the broader ecosystem.
For 20 years, Microsoft has engaged with security Researchers to make users secure and ensure privacy at the highest level. We all know that many security threats have occurred to Microsoft Products. With MSRC, users can quickly report different types of security threats to Microsoft products.
The MSRC portal is user-friendly; users can submit security threads using Microsoft Products. In this blog post, I will help you learn more about reporting Security Issues to Microsoft.
| Index |
|---|
| How to Report Security Issues to Microsoft |
| OAuth Application Report in MSRC Portal |
| Further Steps Taken by Microsoft on a Threat Report |
- Top 5 Data Security Challenges DLP Productivity eBook Download for Free
- Insights of How Copilot for Security Works
How to Report Security Issues to Microsoft
As mentioned above, users can easily and quickly report security issues to Microsoft in the MSRC reporting portal. Many security issues occur daily in the cyber world, and Microsoft considers each of the security threat reports of users.
MSRC is the best portal for reporting security issues to Microsoft. It allows users to recognize security issues easily. The table below shows the different reports that can be submitted on the MSRC Portal.
| Different Category of Thread Reports in MSRC Reporting Portal | Types of Threads in each Category |
|---|---|
| IP Address threats | Brute Force, Denial of Service, Illegal, Malware, Spam |
| URL related threats | Illegal, Malware, Responsible AI, Phishing Website |
| Security threats | Vulnerability |
| OAuth Application | Fraudulent Publisher, Suspicious app, Misuse of data |
| Community Gallery | Malicious Artifact, Malicious Text or URL |
| Others | CSEAI, Outlook Spam, Tech Support, Subpoena, Unsafe site or URL, Infringement, Bing Bot, Privacy |
See More: 2024 Cybersecurity Certifications for IT Professionals
OAuth Application Report in MSRC Portal
The above table shows the different categories of threats that can be reported on the MSRC Portal. The OAuth Application thread report is one of the major thread reports on the MSRC portal.
Users can report Fraudulent Publishers, Suspicious apps, and data misuse in the MSRC portal. Users can now report the Microsoft 365 OAuth app on the MSRC Portal. To report any threats, follow the below steps.
- Open MRSC Portal https://msrc.microsoft.com/report/.
- Select any security threats from the below window.
- Select the sub-category thread (e.g., Suspicious app from Security thread).
- Click on Suspicious App.
After that, you will get a new window, and you can report any suspicious application on this window. To report any issues, provide basic info about the app. This step is mandatory and enters the Suspicious App’s application ID, Incident Date and Time.
- Basic info – Tell about the application you are reporting.
- Application ID – Unique identifier for the application that is assigned to an application by Microsoft Entra ID.
- Incident Date & Time – Select the date and time.
Then, you can provide additional information on the time zone in this window. You should enter the reason for reporting the app in this window. Here, you can also enter additional information about the suspicious app in the text box with a limit of 10000 words.
- Click on the Submit button.
Further Steps Taken by Microsoft on a Threat Report
After getting a user’s report, Microsoft Immediately takes necessary action about the report. Firstly, the MSRC team reviews the report and verifies whether it is a security vulnerability. Then, the threat communication will be investigated, and deployment will be fixed.
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.