Microsoft Kills Off Security Bulletins (computerworld.com)

← Back to Stories (view on slashdot.org)

Microsoft Kills Off Security Bulletins (computerworld.com)

Posted by BeauHD on Wednesday April 12, 2017 @12:05PM from the more-work-for-admins dept.

Microsoft has officially retired the security bulletins this week, which were issued to detail "each month's slate of vulnerabilities and accompanying patches for customers -- especially administrators responsible for companies' IT operations," writes Gregg Keizer via Computerworld. "The move to a bulletin-less Patch Tuesday brought an end to months of Microsoft talk about killing the bulletins that included an aborted attempt to toss them." From the report: Microsoft announced the demise of bulletins in November, saying then that the last would be posted with January's Patch Tuesday, and that the new process would debut Feb. 14. A searchable database of support documents would replace the bulletins. Accessed through the "Security Updates Guide" (SUG) portal, the database's content can be sorted and filtered by the affected software, the patch's release date, its CVE (Common Vulnerabilities and Exposures) identifier, and the numerical label of the KB, or "knowledge base" support document. SUG's forerunners were the web-based bulletins that have been part of Microsoft's patch disclosure policies since at least 1998. Microsoft did such a good job turning out those bulletins that they were considered the aspirational benchmark for all software vendors.In February Microsoft canceled that month's Patch Tuesday just hours before the security updates were to reach customers, making the bulletins' planned demise moot. Microsoft kept the bulletins the following month as well, saying it wanted to give users more time to prepare for the change to SUG. Finally, when Microsoft yesterday shipped cumulative security updates for Windows, Internet Explorer, Office and other products, it omitted the usual bulletins.

49 of 89 comments (clear)

Min score:

Reason:

Sort:

still there by Anonymous Coward · 2017-04-12 12:23 · Score: 3, Informative

They're not really gone, they've just moved them into a searchable "security guidance" website. You can still find them and read through all the technical details.
Re:Security you say? by Anonymous Coward · 2017-04-12 12:33 · Score: 1

Get some new lawyers. There's no reason your code developed or compiled with GPL tools is required to also be licensed under the GPL according to the GNU GPL FAQ
"Can I use GPL-covered editors such as GNU Emacs to develop nonfree programs? Can I use GPL-covered tools such as GCC to compile them?
Yes, because the copyright on the editors and tools does not cover the code you write. Using them does not place any restrictions, legally, on the license you use for your code."
Remember this formula kids... by __aaclcg7560 · 2017-04-12 12:51 · Score: 1, Insightful

Microsoft = Job Security
1. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-12 13:31 · Score: 1
  
  Do you talk about your job everyday?
  Only when I'm waiting for a script to finish running at work.
  
  I've heard your dumb life story 50 times already.
  You haven't heard my life story. If you did, you would be running out the door screaming in horror. My life story is very much like "Job: A Comedy of Justice" by Robert A. Heinlein.
2. Re:Remember this formula kids... by stooo · 2017-04-12 23:06 · Score: 1
  
  >> Microsoft = Job Security
  Nope. You never looked at Mass Layoff statistics of microsoft !
  
  --
  aaaaaaa
3. Re:Remember this formula kids... by Salgak1 · 2017-04-13 00:42 · Score: 1
  
  Depends. But I still have Install CDs for WinNT 4.0 and Win2000 Server and Workstation, and valid install keys for the 2000 CDs (Those of you who ran NT know how to do the serial for NT. . . ). As well as matching SQL and Exchange Servers for both generations, and all the Service Packs.
  And my old books. So, if needed, I do have skills and software that will work in a pinch.
  Then again, I also have current Fedora, Ubuntu, and Mint images. Methinks I'll stick with them (grin)
4. Re: Remember this formula kids... by __aaclcg7560 · 2017-04-13 02:31 · Score: 1
  
  Is that when you defied physics by eating 1500 calories a day, powerlifting and still weighing 350#?
  My powerlifting days were 10+ years ago. My current weight is 350 pounds, my calorie intake is 1,500 per day, and I'm trimming down nicely.
  
  Or writing your self published vanity book?
  My published writings in anthologies and ebooks can be found on my author website.
  
  Creimer is a self admitted troll.
  I love trolling the trolls on Slashdot.
  
  He can't be relied upon for jack shit, aside from bad writing.
  My writing must be good if you're harping on it all the time.
5. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-13 02:40 · Score: 1
  
  No only the mediocre or below IT people found themselves out of work.
  The Great Recession ended my help desk career for which I'm thankful. I went to do PC refresh projects, build out a data center, and do InfoSec for government IT.
  
  Anyone with half decent skills had no issues.
  They were too busy hanging on to their mediocre jobs, collecting their 2% raises and feeling smug that they still had a job..
6. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-13 02:44 · Score: 1
  
  youre really full of yourself. you are the reason this country is as bad as it is
  As a moderate conservative, I didn't vote for Trump.
  
  your parents should have beat you more.
  The court told my parents to stop beating me because it was borderline child abuse.
7. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-13 02:49 · Score: 1
  
  Nope. You never looked at Mass Layoff statistics of microsoft !
  Good point. I need to rephrase that better.
8. Re:Remember this formula kids... by Thelasko · 2017-04-13 02:50 · Score: 1
  
  Microsoft = Job Security
  That formula applies to any undocumented spaghetti code.
  
  --
  One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
9. Re:Remember this formula kids... by stooo · 2017-04-13 03:41 · Score: 1
  
  Please do :)
  
  --
  aaaaaaa
10. Re:Remember this formula kids... by Highdude702 · 2017-04-13 05:53 · Score: 1
  
  HAHAHA moderate conservative? Have you seen your posts on here? You're as far left as it gets. And you lie like them too. How the fuck have you made it through life like this? You're lucky you didn't grow up where I did..
11. Re:Remember this formula kids... by eaglesrule · 2017-04-13 05:56 · Score: 1
  
  Microsoft = Job Security
  Only until astroturfing no longer requires a human actor to manage all the sockpuppet accounts. Or did you mean something else?
12. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-13 06:09 · Score: 1
  
  You're lucky you didn't grow up where I did.
  I doubt it's any worse than being misdiagnosed as mentally retarded due to an undiagnosed hearing loss and getting treated like an idiot for eight years straight in Special Ed classes. When you're at the bottom of the hill, you learn how to deal with the shit that comes your way all the time.
13. Re:Remember this formula kids... by Tablizer · 2017-04-13 08:10 · Score: 1
  
  Microsoft = Job Security
  Also known as broken Windows economics.
  
  --
  Table-ized A.I.
14. Re:Remember this formula kids... by Highdude702 · 2017-04-14 01:13 · Score: 1
  
  what i just saw was "ohh poor me, now i have an excuse to act better than everybody else, and lie every chance i get while trying to make it look like i know what im doing" ive seen a lot of your posts, theyre not hard to spot. maybe they werent too far off.
15. Re:Remember this formula kids... by __aaclcg7560 · 2017-04-14 03:23 · Score: 1
  
  what i just saw was "ohh poor me, now i have an excuse to act better than everybody else, and lie every chance i get while trying to make it look like i know what im doing" ive seen a lot of your posts, theyre not hard to spot. maybe they werent too far off.
  You must be a Trump supporter. I can tell by the nonsensical quality of your writing, lack of grammar and punctuation. Didn't your mother tell that ignorance isn't a virtue?
burying the details.. by Anonymous Coward · 2017-04-12 13:08 · Score: 2, Informative

same thing with all the patch descriptions available on the windows update client. absolutely no details. even kb articles are often lacking.
then came "rollups" that don't say a damn thing about themselves or their contents, either, unless you go look for the info
and now we have monthly 'catch all' updates, again NO FUCKING INFO AVAILABLE.. and more often than not, even when you go looking for the details, still nothing.
combine that with now obscuring security announcements
and the force feeding of updates (even non security non bugfix varieties)
and windows ecosystem, as 'supported' by microsoft, is absolute and total shit. whereas before it was just trash. but at least it was trash you could pick through to find the bits and pieces you actually wanted.
Re:Security you say? by Anonymous Coward · 2017-04-12 13:33 · Score: 1

BtW, the "financial sector" is using Linux for the stock exchanges.
So obviously they are using linux without any problems.
Re:There is a secret parallel set of advisories st by Raenex · 2017-04-12 14:13 · Score: 1

RARE FACT
Do not spread!
Re:There is a secret parallel set of advisories st by Nethead · 2017-04-12 14:16 · Score: 1

Big customers get perks, go figure. Those big contracts allow M$ to hire people to publish and manage the security info.

--
-- I have a private email server in my basement.
Re:There is a secret parallel set of advisories st by Highdude702 · 2017-04-12 14:21 · Score: 1

Facts are not allowed on slashdot! Get out of here you menace!
Re:heh windoze by Nethead · 2017-04-12 14:22 · Score: 1

Hey son/daughter, as an old timer here let me clue you in a bit on how it works. If you take the time to post something like:
This is why windows SUGs O.o
You really should check that post as anonymous box. You don't want that type of post showing up ten years later. It's on the Internet forever, try not to look like a dork.

--
-- I have a private email server in my basement.
Microsoft by JustAnotherOldGuy · 2017-04-12 14:36 · Score: 4, Interesting

Why does Microsoft hate its user base so much?
Really, if this isn't one of the most anti-user things they've done (besides Windows 10) then I don't know what is.
It seems like every week they find a new way to say "Fuck you!" to their users.

--
Just cruising through this digital world at 33 1/3 rpm...
1. Re:Microsoft by driblio · 2017-04-12 21:16 · Score: 1
  
  Because it's worse, less accessible information.
2. Re:Microsoft by thegarbz · 2017-04-12 22:10 · Score: 1
  
  Really, if this isn't one of the most anti-user things they've done (besides Windows 10) then I don't know what is.
  Clearly you've never read a security bulletin. They were in the previous form worthless, detached from update process, difficult to understand when they did contain information, impossible to search properly, etc.
  Basically anything they do to change what they had would be an improvement in the eyes of both users and experts.
3. Re:Microsoft by Big+Hairy+Ian · 2017-04-12 22:20 · Score: 1
  
  Why does Microsoft hate its user base so much?
  Really, if this isn't one of the most anti-user things they've done (besides Windows 10) then I don't know what is.
  It seems like every week they find a new way to say "Fuck you!" to their users.
  They are playing the copy cat game and aping Apple. But surely if you want to talk about a corporation that hates it's user base surely Oracle is the big fish & M$, Apple and the rest are just minnows.
  
  --
  Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
4. Re:Microsoft by drinkypoo · 2017-04-12 23:39 · Score: 2
  
  Why does Microsoft hate its user base so much?
  Because they are so very, very stupid.
  Yes, I have a Win7 gamesmachine
  Yes, I am getting smarter: this will be my last wintendo
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
5. Re:Microsoft by coofercat · 2017-04-13 00:08 · Score: 1
  
  No.... it's because they fixed everything already.
6. Re:Microsoft by Tablizer · 2017-04-13 08:05 · Score: 1
  
  Why does Microsoft hate its user base so much?
  Because they have a near monopoly on biz IT and therefore don't give a flying fock.
  Same reason Google sold user privacy to the wolves: they have a near monopoly on searching and therefore don't give a flying fock.
  Same reason big telecoms suck in your area...
  
  --
  Table-ized A.I.
7. Re:Microsoft by TheFakeTimCook · 2017-04-13 08:32 · Score: 1
  
  Really, if this isn't one of the most anti-user things they've done (besides Windows 10) then I don't know what is.
  Clearly you've never read a security bulletin. They were in the previous form worthless, detached from update process, difficult to understand when they did contain information, impossible to search properly, etc.
  Basically anything they do to change what they had would be an improvement in the eyes of both users and experts.
  Ah, I thought it as just me that had a hard time actually finding any INFORMATION in those!
  But of course, if other MS "searchable Databases" are any indication, this database will be just as inscrutable as those bulletins.
8. Re:Microsoft by TheFakeTimCook · 2017-04-13 08:36 · Score: 1
  
  Why does Microsoft hate its user base so much?
  Really, if this isn't one of the most anti-user things they've done (besides Windows 10) then I don't know what is.
  It seems like every week they find a new way to say "Fuck you!" to their users.
  They are playing the copy cat game and aping Apple. But surely if you want to talk about a corporation that hates it's user base surely Oracle is the big fish & M$, Apple and the rest are just minnows.
  You HAVE to turn this into an Apple Hate-Fest?
  Why even mention them if you then go on to say Oracle is the worst (to which I agree)?
  Makes no sense. And isn't true, besides.
9. Re:Microsoft by sad_ · 2017-04-13 22:57 · Score: 1
  
  SteamOS welcomes you! :)
  
  --
  On a long enough timeline, the survival rate for everyone drops to zero.
Re:Security you say? by chipschap · 2017-04-12 15:40 · Score: 4, Insightful

Linux switches its license to something a little more fair
I don't know why I'm feeding a troll and and AC besides, but the licensing for Linux is about as fair as it comes. You can use it for free, you can do anything legal with it you wish, and you can profit internally all you want, and you can't take away someone else's rights to do the same.
I suppose you think Microsoft or Apple's proprietary licenses are fair.
Re:There is a secret parallel set of advisories st by raind · 2017-04-12 15:57 · Score: 1

I would mod you up - but then your a anon___coward, good post though.

--
Get up!
People still not updating Windows? by Neo-Rio-101 · 2017-04-12 18:21 · Score: 1

What's the point of this?
To hide vulnerabilities from hackers, so that people who simply refuse to update Windows can't be targets?
Is that it?

--
READY.
PRINT ""+-0
1. Re:People still not updating Windows? by Anonymous Coward · 2017-04-12 19:38 · Score: 1
  
  After the whole Windows 10 fiasco, people who continue to update Windows are playing Russian Roulette. Or they run Windows 10, wherein they no longer have a choice. Sometimes that lack of choice is a consequence of letting updates automatically and having no idea of what they were doing, and now, their computer and data belong to Microsoft. Assuming they can boot it up, anyway, since I've seen plenty of cases where Windows updates - any version of Windows, specifically - went horribly wrong, and I'm not alone.
  Updates are a security hole in and of themselves. It's unfortunate that the rote, mindless "correct" thing is to let Microsoft own your computer for you. This is part of a movement towards corporations owning all devices with computers in them, and the general public probably won't understand that until it's far too late (even though farmers using John Deere tractors already know it too well).
Access to the SUG web site by Waccoon · 2017-04-12 20:54 · Score: 1

Hooray, yet another EULA I have to sign.
Re:Security you say? by stooo · 2017-04-12 22:58 · Score: 1

>> Acceptance of the Gnu Eula requires a vow of poverty. You must not make any money by use of Gnu software such as Emacs and gcc
B.S. FUD
There's no such thing as a "Gnu Eula"
You are encouraged to make money with GCC.
You can sell it.

--
aaaaaaa
Apologists by StormReaver · 2017-04-13 00:55 · Score: 1

Cue the brainless Microsoft apologists who will try to spin this into something other than yet another reason to stop using Microsoft software.
Re:heh windoze by Highdude702 · 2017-04-13 01:04 · Score: 1

I have been on the internet for over 20 years. i know what its capable of. and i frankly dont care. if you want to judge me on something like this 10 years from now, once again i dont care.
Re:Fuck Security by Anonymous Coward · 2017-04-13 01:15 · Score: 1

So, they don't issue a longwinded summary that's a pain to search, but instead give you a nicely searchable database. And this is bad?
Re:Fuck Security by Maritz · 2017-04-13 01:28 · Score: 1

I suspect this person's aversion to microsoft is not due to this particular thing.

--
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Lovely... by LVSlushdat · 2017-04-13 01:42 · Score: 1

So you poor sheep that *still* use Windows are getting further ass-raped.. No more information as to WHAT is actually *in* the updates they force on you... Kinda like MS saying "You'll take what we send you and you'll LIKE it.. You don't NEED to know whats *in* the package we send you..."
Soooooooooooooo damn glad I no longer deal with MS issues.. I did that for 20 years and when I retired, I decided my systems would be 100% Linux.. Couldn't be happier...

--
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
Re:heh windoze by Maritz · 2017-04-13 01:48 · Score: 1

This dude, doesn't care, must be high

--
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Re:heh windoze by Highdude702 · 2017-04-13 05:54 · Score: 1

Username checks out. O.o
About Time by EndlessNameless · 2017-04-13 06:38 · Score: 1

A searchable database is much more useful than a collection of individual bulletins that, at best, cross-reference each other.
It looks like a some people are getting angry about the headline without realizing that it is being replaced with a modern, searchable interface.
On a related note, the headline sucks. I guarantee 99% of people associate "killing off" with complete elimination of the functionality, compared to words like updating, reworking, or revamping---which imply the functionality remains in a new form. I do expect editors to understand the nuances of the words they use.

--

---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
Re:There is a secret parallel set of advisories st by EndlessNameless · 2017-04-13 06:50 · Score: 1

Microsoft has offered pre-release patches and even Windows source code to enterprises for years. I assume these organizations will get patch notes as they always have.
It is not available to anyone, but I imagine the US government qualifies. You generally need to be large enough that the accompanying NDA will hurt a lot if you disclose their code or vulnerabilities.
Your comment confuses the issues and deserves to sit at 0 or -1.

--

---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.