Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Opens Access to Vulnerability Notifications

Posted by CowboyNeal on from the open-doors dept.

joseph schmo writes "Microsoft has announced that it will throw open the floodgates of vulnerability notifications for everyone who wants them. Previously, it was only offering early notifications to 'Premier and other 'representative' customers,' or those customers who would sign a Non-disclosure statement."

9 of 104 comments (clear)

  1. Slashdotted by PhrostyMcByte · · Score: 5, Informative

    It was probably talking about this.

  2. Re:no posts and already /.'d by Esteanil · · Score: 2, Informative

    It was down even when it showed up in the Mysterious Future, and yeah, I did mail the editor about it...

    http://www.computerweekly.com/articles/article.asp ?liArticleID=134810&liArticleTypeID=1&liCategoryID =1&liChannelID=13&liFlavourID=1&sSearch=&nPage =1 is a brand new article about MS giving advance notice of security updates, I guess it's the same piece of news.

    --
    I'm a dreamer, the world is my playpen. But hey, I'm a serious person, I can't dream all the time.
  3. Working links by DeadSea · · Score: 5, Informative

    Get your early warnings here:

    Microsoft Security Bulletin Advance Notification

    Another news story about it:

  4. More links.... by Anonymous Coward · · Score: 2, Informative

    Computer Weekly

  5. Well, not that interesting by dago · · Score: 4, Informative

    What they will do is pre-announce the forecoming security bulletings 3 days in advance, and without details.

    So, on saturdays, every 3 months, you'll get something like : Next tuesday, there will be 5 new vulnerabilities, 2 of them being critical.

    --
    #include "coucou.h"
  6. Re:Who The Hell Uses Microsoft Products Anymore? by gowen · · Score: 2, Informative

    Who The Hell Uses Microsoft Products Anymore?

    About 90% of the world's home/office computer users. No stop asking stupid questions.

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  7. Re:Scripted Updates by pandrijeczko · · Score: 2, Informative
    Assuming this is a serious question, I don't play around with Windows much but I do recall that the Windows updates were available as standard HTTP/FTP downloads somewhere on Microsoft's web site, outside of Windows Update.

    Assuming that's still the case and you can find out where they are, you could always use a program like wget on the BASH command-line to retrieve them (or any HTTP/FTP document or file).

    Writing a script around that to determine what's available and what's been updated, as well as emailing you or a number of other people, should be fairly straightforward.

    --
    Gentoo Linux - another day, another USE flag.
  8. Re:Scripted Updates by pandrijeczko · · Score: 4, Informative

    PS. If you're new to shell-scripting or if you just want a collection of good useful scripts, you cannot IMHO do better than Wicked Cool Shell Scripts which has about 100 example scripts, a couple of which show how to do neat stuff with wget and the Lynx browser in command-line mode.

    --
    Gentoo Linux - another day, another USE flag.
  9. Re:Scripted Updates by HydrusZ · · Score: 2, Informative

    You've been able to do this for a long time using SUS. It's a personal, configurable Windows Update server. Of course, you need a Windows server with IIS to use it.

    Updates have always been available for download through http://support.microsoft.com, but they are not stored in any central area that you can get to programatically. But this is why Microsoft only releases updates once a month. You know exactly what day you'll get the security newsletter on, and all you have to do is follow the link and download what you need.