Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Restricts Advanced Notification of Patch Tuesday Updates

Posted by timothy on from the you'll-find-out-eventually dept.

wiredmikey writes Microsoft has decided to ditch its tradition of publicly publishing information about upcoming patches the Thursday before Patch Tuesday. The decision represents a drastic change for the company's Advance Notification Service (ANS), which was created more than a decade ago to communicate information about security updates before they were released. However, Microsoft's "Premier customers" who still want to receive information about upcoming patches will be able to get the information through their Technical Account Manager support representatives, Microsoft said.

13 of 57 comments (clear)

  1. Typical by ITRambo · · Score: 5, Insightful

    What is the deep thinking that went into this action? Why change the established process at all if it was working? The linked article doesn't give a very good explanation. Now only a select few will get advance warning. Are they afraid that the early information might give "bad guys' a leg up, or are they putting this off to buy themselves a few more days to decide which patches are least likely to cause problems?

    1. Re:Typical by ganjadude · · Score: 4, Interesting

      if I had to guess, it might to be not tip off the cyber criminals using the exploits that will be patched. its the only logical reason I can think of

      --
      have you seen my sig? there are many others like it but none that are the same
    2. Re:Typical by gstoddart · · Score: 3, Insightful

      "I'm glad to see that they are willing to talk about the trends they observe in the existing system, but by making this switch, Microsoft is not just cutting through the clutter, they are hiding their security report card from the general public"

      Could it be as simple as PR and making it look like they patch fewer security holes?

      --
      Lost at C:>. Found at C.
    3. Re:Typical by plebeian · · Score: 4, Insightful

      Given the number of problematic updates lately, I would be willing to bet they are getting into trouble because they have publicly committed to releasing a patch before it has completed QC testing. My two cents say that this is an effort to reduce the pressure on the testing teams in an effort to improve overall patch quality.

      --
      "I myself am made entirely of flaws, stitched together with good intentions."
    4. Re:Typical by Penguinisto · · Score: 4, Insightful

      if I had to guess, it might to be not tip off the cyber criminals using the exploits that will be patched. its the only logical reason I can think of

      It is a logical reason, but it only means that the patching itself will be delayed in many cases, as testing by the end-users (well, the professional ones) won't have advanced notice to work up potential courses of action to take.

      What I mean is, if a sysadmin knows there's a patch for IIS coming out, he would have a few days to at least work out a quick plan for CAB/Change-Control in order to test and implement it - now he gets to wait until Patch Tuesday to even work up a plan, because he's not going to know what's coming out and what components will be affected.

      No skin offa mine (I work in the *nix world, and even my workstation is a Mac), but I can certainly see where this change would cause a bit of an inconvenience, and it wouldn't really do much more than shift the timetable over for the 0-day exploit crowd.

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    5. Re:Typical by mark-t · · Score: 2

      What.... like cyber criminals aren't capable of getting a premier account themselves?

      People have posited plenty of plausible reasons why MS might be doing this here, but this is most certainly not one of them.

      --
      File under 'M' for 'Manic ranting'
    6. Re:Typical by mark-t · · Score: 4, Insightful

      Presumably, a sysadmin in a corporate environment would get a premier account so that they *can* make such necessary plans.

      No news here, really. All this is a story about is a company that's decided to charge for something they had previously been giving away for free with the expectation that they can generate more revenue.

      --
      File under 'M' for 'Manic ranting'
    7. Re:Typical by ganjadude · · Score: 2, Informative

      thats a good point as well. Making hard deadlines for software is generally a bad idea

      --
      have you seen my sig? there are many others like it but none that are the same
  2. In other words. . . by smooth+wombat · · Score: 4, Insightful

    they're continuing their newly established tradition of hiding things from users.

    Windows 7 started the trend of burying what used to be easily accessible options. What used to take 2 or 3 steps to accomplish was now, in most cases, doubled, not to mention neutering the Start menu.

    Then came Windows 8/8.1 where you couldn't find anything in general, including Control Panel, because everything was a tile with some random combination of characters for a description.

    Windows 10 appears to be continuing down this path though they did graciously open the desktop back to the user but still restrict what you can see in the Start menu.

    Now they've gone and gotten rid of pre-notification of what the patches they're offering are all about.

    At this rate, in a few years there will be nothing but a black hole from which is emitted a particle of Hawking radiation, leaving the user completely in the dark until the moment it arrives.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
    1. Re:In other words. . . by ganjadude · · Score: 4, Interesting

      i really dont think windows 7 made it harder to find things, in fact quite the opposite. Between the expanded functionality in the start menu over XP and previous versions, and the faster indexing making search usable finally. Im with you on windows 8 however, it, to me is useless without classic shell installed

      --
      have you seen my sig? there are many others like it but none that are the same
    2. Re:In other words. . . by jones_supa · · Score: 2

      In Windows 8 they also removed the system tray icon notifying about new updates when the option "check for new updates but let me choose when to download and install them" is selected.

    3. Re:In other words. . . by Anrego · · Score: 3, Interesting

      I still remember trying to set up an older printer on my mothers laptop with windows 8. I spent what felt like a half hour clicking around trying to find the damn printer settings. Eventually I gave up and googled it. The instructions on _Microsoft's_ site used the built in search feature. Even they couldn't figure out the convoluted path to the "add new printer" page. This was my first (though unfortunately not last) experience with windows 8, and subsequent exposure has not gone any better.

      They've sinced changed it, but you can still use archive.org to view the old version:

      Current: http://windows.microsoft.com/e...
      Old: https://web.archive.org/web/20...

  3. Re:Download a patch today by Anonymous Coward · · Score: 2, Insightful

    I did that and now none of my programs work!