Microsoft announced on Wednesday that the company will release more information on coming patches through its Advanced Notification Service (ANS) and modify the layout of its security bulletins starting in June.
Under the changes, which were requested by customers, Microsoft's Security Response Center will release advanced notifications and security bulletins under the same URLs, adding in-depth vulnerability information on the second Tuesday each month to the summary of information released five days before as part of its Advanced Notification Service. The summarized information will include maximum severity and impact of the flaws, detection information and the names of affected software.
"Weve received positive feedback on the ANS, but customers have also told us that additional information would be even more helpful," Mark Miller, security program manager for Microsoft, said in a posting to the MSRC's blog. "Based on that, we are incorporating additional detail about the upcoming security updates."
The additional information and formatting changes are the latest refinements to Microsoft's vulnerability notification services. The software giant moved to monthly patches in October 2003 and started giving advanced notice in November 2004. In May, the company released fixes for 19 security holes, including critical vulnerabilities in Microsoft Office and Internet Explorer.
Posted by: Robert Lemos