November 20th, 2007

Vulnerabilities

Please bear with me if this is in the wrong place.

I realize that most bug reports are to be handled through support, but what about 0-day exploits and vulnerabilities? Obviously, it would be counterproductive to disclose any details on security holes publicly before the issue is resolved, so a support ticket doesn't seem to be an option (as far as I can tell, they are public, and I have yet to find alternate contact information). Any guidance on where to direct this information would be most appreciated.