As far as I can tell, there isn’t anything there you might seriously call a policy.

Well there is an old ‘knowledge base’ searchable either via a solution center or technet. It includes, however, only known issues that MS support personnel have already encountered and resolved or (mostly) worked around.

There are various MS-maintained forums and communities, in which MS devs are often active, but MS devs certainly do not initiate any discussions on open issues there.

There is connect – which is a great initiative by itself, and which I personally use a lot. It includes, however, only bugs that users have reported. How many are these? Well, Pat Brenner recently wrote that –

[MFC 11] Fixed over 220 bugs, nearly 100 of which were reported by customers via the Connect web site

So extrapolating it seems fair to assume that most of the known bugs at any given time are not reported by users, and developers are forced to re-discover them time and time again.

MS actually seems quite behind on industry-standard issue disclosure policies: I can’t find serious release notes or other form of known-issues-list anymore. There was something for 2005 express editions, and a blog post for 2010 Release Candidate. But nothing serious and official about any professional versions.

So, I’ve made a suggestion at the Visual Studio UserVoice site:

[…] I’d love to see a live, public repository of known issues, updated with their triage results and expected resolution (if any).

Some examples:
https://bugzilla.mozilla.org/
http://bugs.sun.com/bugdatabase/

Beyond the potential saving in developer frustration, MS might gain valuable insight into impact and prioritization of known issues, which you might want to consider, e.g., when planning service packs.

Of course all the above does not hold for security bugs.

If you agree, please take a minute to vote this suggestion up. If not – I’d love to hear why! Please comment and explain.