Microsoft adds RSS feed support to its Security Update Guide service
Microsoft's Security Update Guide site is a core service when it comes to information about security information and updates that Microsoft releases. Up until now, users could sign-up using an account to receive notifications about new vulnerabilities added to Microsoft's database.
Microsoft disabled the legacy Security Notification Service in September 2022 in favor of a "modern Azure-based service" that requires signing-up with an account. The process allows customers to receive notifications about major and minor revisions. Microsoft published a page-long guide on signing-up and enabling the notifications on the site.
Access to the Security Update Guide site does not require a Microsoft Account. Starting this week, Security Update Guide supports a new delivery method for security information: RSS.
Microsoft notes in the announcement that some of its customers have asked for RSS support to be added to the site. RSS has been neglected by many Internet companies since its golden age, which ended with Google's termination of Google Reader. Recently, RSS seems to be making a comeback of sorts. Even Google is developing basic RSS feed reader support for its Chrome browser.
Microsoft's implementation on its Security Updates Guide website allows anyone to subscribe to the main feed to receive notifications whenever Microsoft publishes new information on the security site. The RSS feed option is displayed prominently on the Security Update Guide website. A click on the icon loads the RSS feed's XML file, or an option to integrate it in an installed RSS feeder right away, depending on how things are handled on the computer.
The RSS feed address is https://api.msrc.microsoft.com/update-guide/rss, and you may subscribe to it in any RSS feed reader. Note that there is no option to customize the delivery feed; you can't select to just receive information about some products, such as Windows Server or Microsoft Edge.
The RSS feed that Microsoft provides includes all updates that Microsoft posts on its site. While that is limiting, some security researchers and administrators may prefer RSS, especially if they use it anyway.
Now You: RSS, emails, push notifications, apps, or something else? How do you prefer to stay up to date?
Finally, Microsoft does something useful.
RSS FTW! Inoreader is my one-stop hub foe updates
“Don’t use Microsoft’s Security Update Guide (yet)” You road Martin on March 16, 2017, and never came back on your article to explain that things were repaired/better.
You wrought “If you look closely, however, you will notice that Microsoft does not list all security updates there for a given operating system or product.
Also “The question is, how do you know about future updates that are released that are not mentioned by Microsoft in key locations?”
And also “If you happen to install updates manually for Windows, however, you may miss out on pages due to oversights by Microsoft.
Is there anything changed for the good?
What is old is new again.
The only reason why RSS was “neglected” is because it was yet another channel needing monetization (tedious to do), yet another support model to the internet cost center and easily *rejected* especially being the recipient of, “RSS? Whut dat?” from the glass office suits.
ICYMI & FYI for the gHacks community:
is a nice feed to add to your RSS client/reader.
QuiteRSS rules. Does a great job for the many, many years of daily reading 74 not-neglected feeds. Including gHacks. Thanks Martin!!
No wonder I can’t get Microsoft’s security advice in October