Microsoft revamps Patch Tuesday advance notice, security bulletins

Summary:Microsoft plans to implement a major change to the Patch Tuesday advance notice mechanism to provide more details ahead of the release of security bulletins. The security bulletins are also undergoing a layout/design makeover.

Microsoft plans to implement a major change to the Patch Tuesday advance notice mechanism to provide more details ahead of the release of security bulletins. The security bulletins are also undergoing a layout/design makeover.

advisory_icon.jpg
Instead of the current bare-bones note with the the affected platform and the highest possible severity rating, the Microsoft Security Response Center (MSRC) will release a summary page (similar to this one) that gives more details on the actual products affected and the potential impact of the vulnerability.

Starting next month, the advance notice subset will contain the following for each bulletin and will not be grouped by just the platform:

  • Maximum Severity Rating
  • Impact of Vulnerability
  • Detection information
  • Affected Software

Once the security bulletins are released on the second Tuesday of the month, the bulletin summary page will be updated with complete details.

The design and layout of the security bulletins will also be changed to allow end users to quickly determine the severity of the bulletin and its applicability to their specific environment.

According to the MSRC's Mark Miller, the new bulletins will:

  • Move all applicable decision making information to the top of the page
  • Create a table of affected products (instead of a list) with links to the download location of the updates
  • Change the section titles to be more representative of the content under them
  • Re-arrange content to areas that make them more intuitive to find
  • Reduce some of the repetitive content in the bulletin

Here is an example of the new layout of the Microsoft security bulletins.

Topics: Security, Microsoft

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.