Microsoft announces security bulletin changes

A Microsoft spokesperson just notified me of planned changes to both the advanced notification service (ANS) and format of the monthly scheduled Microsoft security bulletins. These changes are worthy of note, but they will not affect the actual information provided — just the way it is presented.

According to the spokesperson, the changes are intended mostly to make it easier for security managers to deterimine the actual threat level for their particular situation. The new ANS will be implemented Thursday, June 7, and it will include the maximum severity rating, the impact, a list of affected software, and other details about the threat.

As listed on the TechNet blog, Microsoft plans to make the security bulletins more immediately useful by:

  • Moving all applicable decision-making information to the top of the page.
  • Creating a table of affected products (instead of a list) with links to the download location of the updates.
  • Changing the section titles to be more representative of the content under them.
  • Rearranging content to areas that make them more intuitive to find.
  • Reducing some of the repetitive content in the bulletin.

Here's an example of the new layout, which shows a rewrite of Microsoft Security Bulletin MS07-016. Please note that this example does not contain any new information and is merely a demonstration of the new format.

At first glance I find the new format to be an improvement. Please let me know here what you think, and I will pass along any suggestions to my contacts at Microsoft.

Editor's Picks