Microsoft dropped the legal threat, but it also dropped the phrase "responsible disclosure." The new statement says coordinated vulnerability disclosure instead. That's the term Microsoft itself switched to back in 2010, specifically so researchers who go public wouldn't be painted as irresponsible. Katie Moussouris, who helped make that switch, said invoking "responsible" this time was "the first strike in my book."
Microsoft dropped the legal threat, but it also dropped the phrase "responsible disclosure." The new statement says coordinated vulnerability disclosure instead. That's the term Microsoft itself switched to back in 2010, specifically so researchers who go public wouldn't be painted as irresponsible. Katie Moussouris, who helped make that switch, said invoking "responsible" this time was "the first strike in my book."