Microsoft security bulletins’ days are numbered as February approaches

By Kevin Parrish Published January 20, 2017

After serving up web-based security bulletins since around 1998, Microsoft will replace this service with the Security Updates Guide next month. Microsoft announced the end of its security bulletins in November 2016, stating that the last security bulletin would be the January 2017 Update Tuesday release. After that, all update information would be published on the new Security Updates Guide portal instead.

“Our customers have asked for better access to update information, as well as easier ways to customize their view to serve a diverse set of needs,” Microsoft stated. “Instead of publishing bulletins to describe related vulnerabilities, the new portal lets our customers view and search security vulnerability information in a single online database.”

Recommended Videos

Since November, Microsoft has served up the new Security Updates Guide portal as a preview. However, the site will kick into full gear on February 14, which will be the monthly Patch Tuesday rollout. Traditional security bulletins published as individual web pages actually ended on January 10, and all security update information published after that date will only be provided on the new portal.

Please enable Javascript to view this content

According to Microsoft’s FAQ, the company not only retired security bulletin webpages, but security bulletin ID numbers as well. Thus, instead of assigning an update with a bulletin ID, Microsoft will rely on vulnerability ID numbers and KB Article ID numbers instead. However, all previously published traditional security bulletin web pages will remain at the present online location.

Microsoft said in November that once the new portal goes live, users will have the ability to sort and filter security vulnerability and update content. Even more, users will be able to “drill down” into the database to access detailed security update information that matters the most. There will also be a new RESTful API that will eliminate screen-scraping and other outdated methods of assembling working databases from security bulletin webpages.

“The historical bulletin search spreadsheets will continue to be available on TechNet,” the FAQ currently states. “With the new Security Updates Guide, you can create similar spreadsheets that relate individual CVEs to affected software. The columns relevant to bulletins specifically will be removed.”

The FAQ adds that users of the Security Updates Guide portal can access the dashboard without having to log into TechNet. However, if users click on the Developer tab to access the RESTful API, they will be asked to sign into their Microsoft account. Once that is done, users must then create a key to use the API, which will be saved in the account for “subsequent uses.”

As for third-party management tools that previously accessed the security bulletins, Microsoft said that it is working with these tool providers to adjust their software to work with the new Security Updates Guide database. Microsoft also warned that it can’t guarantee these tools will even work with the new portal once it kicks into full gear in February.

Topics

Former Digital Trends Contributor

Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…

Computing

The latest Windows update is breaking VPN connections

Windows Update running on a laptop.

Microsoft has acknowledged that the Windows security updates for April 2024 (KB5036893 for Windows 11, KB5036892 for Windows 10) are causing disruptions to virtual private network (VPN) connections across various client and server platforms. According to information on the Windows health dashboard, devices running Windows may experience VPN connection failures following the installation of either the April 2024 security update or the April 2024 non-security preview update.

The company has also stated that it is actively investigating user reports regarding these issues and will share more details in the coming days. The impacted Windows versions include Windows 11, Windows 10, and Windows Server 2008 onward.

Computing

Microsoft may fix the most frustrating thing about Windows updates

Windows 11 updates are moving to once a year.

Most Windows users will agree that one of the most annoying things about the operating system is the updates. While Windows Updates are necessary, they often tend to come up at the worst possible time, interrupting work and gaming sessions with persistent reminders that the system needs to reboot. Microsoft might be fixing that problem in the upcoming Windows 11 24H2 build, but it's still too early to bid farewell to those ill-timed reboots.

As spotted in the latest Windows 11 Insider Preview Build 26058, Microsoft is testing "hot patching" for some Windows 11 updates. Hot patching refers to a dynamic method of updating that often doesn't change the software version and may not even need a restart. In the context of Windows 11, it's pretty straightforward -- Windows will install the update, and you won't have to reboot your system.

Computing

Microsoft plans to charge for Windows 10 updates in the future

Windows 11 and Windows 10 operating system logos are displayed on laptop screens.

Microsoft has confirmed it will offer security updates for Windows 10 after the end-of-life date for the operating system for consumer users but for a fee.

The brand recently announced plans to charge regular users for Extended Security Updates (ESU) who intend to continue using Windows 10 beyond the October 14, 2025 support date.