The software vendor will provide severity ratings, and warn of the impact of the vulnerability and the affected software for each bulletin.
The current system informs users only of the number bulletins affecting a particular application and provides a severity rating for the most severe vulnerability.
Microsoft cited customer feedback as the driver behind the changes. The company has been under pressure to increase the information that it publishes through its Advance Notification Service.
The advance warnings are sent out each Thursday before the actual patch release on the second Tuesday of the month.
The notification system is designed to allow IT administrators to prepare for upcoming patches by telling them which applications need to be updated.
Microsoft limits the amount of data that it discloses, however, to prevent malware writers from using the information to exploit vulnerabilities.
Microsoft will also change the form of its security bulletins, allowing users to more easily gauge the severity of vulnerability and applicability to their environment.
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
