Microsoft to retire Security Bulletins in January 2017
Microsoft announced on yesterday's Patch Tuesday for November that it plans to retire the publication of Security Bulletins in January 2017.
Security bulletins like MS16-129 reveal information about patched vulnerabilities. This includes information about the vulnerability, affected software, severity ratings, deployment information and more.
The company has created a new portal called Security Updates Guide which can best be described as a searchable database of security updates released for Windows and other products. Microsoft plans to make it the sole destination for security update information starting February 2017.
Instead of publishing bulletins to describe related vulnerabilities, the new portal lets our customers view and search security vulnerability information in a single online database.
Security Updates Guide
The Security Updates Guide database lists publication dates, KB Article IDs, and the affected products in a table.
Update: An update added options to display details, severity and impact as well. The details link opens a new page that lists information such as a description, affected products, exploitability assessment, mitigations and more similar to what Security Bulletins listed previously.
It features a data filter at the top to limit the listing to a particular time period, and a text search option that enables you to find updates by product, KB article or CVE.
A search for Windows 7 returns updates that are released for the operating system for instance, while a KB ID search that particular update.
A new Rest API can be leveraged to obtain "Microsoft security update" information. This eliminates the need for companies and individuals to use screen-scraping or other methods to obtain update information.
The table looks less useful from a user perspective. One reason for that is that it does not highlight KB article titles. While you know that updates apply to your systems or products by looking at the "applies to" column, there is virtually no information on the update itself.
You do need to click on the KB article link to open it to get the information. It is unclear yet how this will work when security bulletins are not released anymore.
The KB article 3197867, which is the Security Only Quality Update for Windows 7 for November 2016, links to security bulletins for instance. If those are not published anymore, it seems likely that the links will point to KB articles instead as well.
Microsoft notes that Security Bulletins will be published until January 2017. After the January 2017 update, information is published only to the Security Updates Guide.
Security update information will be published as bulletins and on the Security Updates Guide until January 2017. After the January 2017 Update Tuesday release, we will only publish update information to the Security Updates Guide.
It remains to be seen as to how this will work out in the end as we don't know all the facts yet.
Now You: What's your take on the announcement?
Martin, I would appreciate that you do not censor this post, as it’s informative writing.
Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).
For example, https://www.ghacks.net/2023/03/31/whats-gif-explanation-and-how-to-use-it/#comment-4562919 (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.
You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.
If you used AI to help write this article, it has failed miserably.
AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong.. https://www.youtube.com/watch?v=4IYl1sTIOHI
Martin, [#comment-4569908] is only meant to be in: [https://www.ghacks.net/2023/07/09/how-to-send-gifs-on-iphone-two-different-ways/]. Whereas it appears duplicated in several recent random low-quality non relevant articles.
Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.
Don’t tell me!
Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!
Bring in the dictatorship!!!
And screw Rreedom of Association – too radical for Ghacks maybe
GateKeeper ?
That’s called “appointing” businesses to do the state’s dirty work!!!!!
But the article says itself that those appointed were not happy – implying they had not choice!!!!!!
@The Dark Lady,
@KeZa,
@Database failure,
@Howard Pearce,
@Howard Allan Pearce,
Note: I replaced the quoted URI scheme: https:// with “>>” and posted.
The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
>> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
>> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
How to display only articles by a specific author:
Added line to My filters in uBlock Origin: ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
>> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033
By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
>> github.com/martinrotter/rssguard#readme
We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.
“Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”
Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.