Microsoft Opens Access to Vulnerability Notifications

joseph schmo writes "Microsoft has announced that it will throw open the floodgates of vulnerability notifications for everyone who wants them. Previously, it was only offering early notifications to 'Premier and other 'representative' customers,' or those customers who would sign a Non-disclosure statement."

Who cares?

[sridev]

Was anyone really waiting for this to happen?

I'm fine with the automatic Windows update!

Re:Who cares?

[julesh]

I'm fine with the automatic Windows update!

That's what I thought until it stopped downloading patches for me without notification or error message (turns out I had failed to download an update that was labelled as non-critical which included a patch for BITS, which automatic update relies on, and it therefore stopped working... apply that patch and suddenly I had about two months' worth of critical updates coming down all at at once).

Watch network traffic go up

[supercytro]

"Microsoft has announced that it will throw open the floodgates of vulnerability notifications for everyone who wants them"
...and people thought spam was bad. Prepare to find mail-bombed by MS:-)

Anyways, yes, I'm being facetious. This is a good announcement for everyone. I could never understand what the logic was by trying to hide what vulnerabilities were fixed in an update. This should allow those in charge of admin to reasonably evaluate the state and impact of the updates and vulnerability.

Re:Working links

[ppz003]

Does it bother anyone else that the first advisory they post is set for November 9th, the same day as the Firefox release, and is for the Microsoft Internet Security and Acceleration (ISA) Server?

Me thinks an update to the firewall... Block all outbound access for process firefox.exe...