Responding to customer requests for more detail, the company will debut a new ANS (Advanced Notification Service) format when it next comes out on June 7.
Microsoft has retrofitted two things: its advanced notifications of security bulletinsformerly so devoid of detail that customers complained it was like knowing a hurricane was coming but not whenand a finicky IE patch that wouldnt start IE for some users.
Responding to customer requests for more detail, the company will debut a new ANS (Advanced Notification Service) format when it next comes out on June 7. The ANS notice usually comes on the Thursday before Patch Tuesday.
The big change will be that each bulletin will carry information on maximum severity, vulnerability impact, detection and affected products. Previously, Microsoft provided those subsets of information only by platform.
Microsoft Security Resource Centers Mark Miller said in a blog post
that the change is meant to help out customers who need more information in order to brace for patch testing and deployment.
Click here to read more about a Microsoft ANI patch causing problems with third-party apps.
The ANS will now be published at the same URL used for a given months security bulletin summary page.
Microsoft is turning the previous site for the ANS into a simple landing page that describes the service. The June ANS will be located here
when it comes out on June 7 at 10 a.m. Pacific time. To subscribe to the ANS and other alerts, go here
The look of Microsofts security bulletins also is getting a makeover. Miller said customers like the level of detail but want to get to the severity and its applicability to their environment more quickly. The new design moves decision-making information to the top of the page, replaces a list of affected products with a table that links to update download locations, cuts down on repetition, clarifies section titles and rearranges content in a more intuitive fashion.
Microsoft has posted a demo
of what the new format will look like.
And regarding its fussy IE patch, MS07-027
: Some customers who change the default locations of the "Temporary Internet Files" after applying the patch have found that they see the File DownloadSecurity Warning dialog box after starting IE. After closing the dialog, those users couldnt open IE. Microsoft ascribed the glitch to different permissions on the custom Temporary Internet Files directory and the Temporary Internet Files directory.
The 1.2 version of the patch
gives two options and sets of instructions for fixing the glitch: Reset the Temporary Internet Files directory back to the default directory, or change the permissions on the custom directory to match.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.