For the past year or so, Patch Tuesday has been remonikered Update Tuesday. In a blog post from the Microsoft Security Response Center on Thursday, January 8, Chris Betz discussed the topic of “Evolving Microsoft’s Advance Notification Service in 2015.” To cut directly to the chase, this post announces that distribution of or access to the company’s Advance Notification Service (ANS) is changing, to wit:
Moving forward, we will provide ANS information directly to Premier customers and current organizations involved in our security programs, and will no longer make this information broadly available through a blog post and web page.
What does this mean? Because MS has observed that even large customers no longer make extensive use of ANS, MS is pointing customers (and end-users) to their myBulletins dashboard on TechNet instead. This service requires users to log in with a Microsoft Account, and to set up that dashboard by picking the names of products, platforms, and development environments in use in their workplaces, so that the service will reflect only those Security Bulletins that affect those things. Here’s a snippet from the Dashboard I set up for my office network for the period from October 1, 2014 through today, January 10, 2015.
The dashboard at the upper right summarizes relevant metrics, with detail access to related Security Bulletins in list form below.
Given the volume of Security Bulletins that emerge on a monthly basis nowadays (usually anywhere from half-a dozen to three times that many, with an average of just over 7 per month for 2014, for example) it’s easy for Microsoft to position this screening of bulletins on the basis of what admins are most inclined to attend to anyway. Advance notification certainly served me (and others who follow Windows Security topics) with a tantalizing view of what the next Update Tuesday would bring to Windows Update, but beyond that narrow audience I have no trouble understanding why a dashboard approach tuned to items actually in use (and hence also, subject to security exploits and vulnerabilities) makes more sense in an increasingly active security environment.
Be sure to check out myBulletins to see what you think of it yourself. It’s the new face for Windows Security (and other) Updates. Cheers!
[Thanks to Brink at Windows 8 Forums for bringing this to my attention in his news posting on 1/9/2015.]