MS should keep a list of details on all people that contact them with information concerning valid security threats.. it's good business sense. They should also act on that information. There will never be a system that can do everything we demand of it that is 100% secure.
