Microsoft has called a halt to free public advisories giving infosec workers a heads up about ‘Patch Tuesday’ updates before they hit, announcing that the service will be only available to premier customers from now on.
For more than ten years the software giant has operated an advance notification service (ANS), detailing what could be expected from the monthly security update so IT teams can prepare their systems and prioritise between the various upgrades.
However overnight, senior director of Microsoft’s security response centre (MSRC) Chris Betz, announced that the company is focussing its efforts on ‘optimising’ these advance notices for their biggest customers, and will no longer make them freely available.
“Moving forward, we will provide ANS information directly to Premier customers and current organisations involved in our security programs, and will no longer make this information broadly available through a blog post and web page,” he wrote on the MSRC blog.
“More and more customers today are seeking to cut through the clutter and obtain security information tailored to their organisations. Rather than using ANS to help plan security update deployments, customers are increasingly turning to Microsoft Update and security update management tools such as Windows Server Update Service to help organise and prioritise deployment.
“Customers are also moving to cloud-based systems, which provide continuous updating,” he explained.
Betz argued that the majority of Microsoft users were ignoring the ANS and instead opting to allow the updates to occur automatically. For those who relied on ANS but aren’t signed up to a premium contract with the company, he recommended using the tailored ‘myBulletins’ dashboard instead.
The dumping of the service comes just three months after Microsoft dissolved its Trustworthy Computing division and redistributed staff into other areas, as part of a restructuring effort set to slim the organisation by 18,000 staff.