Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Microsoft Ends Free Public Advance Security Notification Service

    By
    Sean Michael Kerner
    -
    January 9, 2015
    Share
    Facebook
    Twitter
    Linkedin
      Microsoft security notification

      For the last decade, every Microsoft Patch Tuesday was preceded by a Microsoft Advance Notification Service (ANS) update. In an unexpected move, Microsoft announced on Jan. 8 that it is ending the free general public availability of ANS, which will only be available to Microsoft premier customers and members of its security programs.

      ANS provided a brief preview of the patches set to debut on Patch Tuesday. The public release, however, never provided full details of the specific flaw but, rather, was a general overview of patched items to help provide some initial guidance.

      In many cases, whenever Microsoft is set to make a change to any of its software or security products or policies, the change is announced in advance. Ironically, there was no advance notification for the end of the Advance Notification Service.

      “We believe announcing a few days prior to an Update Tuesday cycle calls attention to this change more effectively than repeating it for a few months,” a Microsoft spokesperson told eWEEK via email. “The vast majority of customers don’t use ANS to prepare for security updates; and for those that do, it isn’t coming to an end.”

      Back in 2008, the Microsoft Active Protections Program (MAPP) debuted, providing the company’s partners with a program that gives details of vulnerabilities before the official patches are released. Though public availability of ANS is now changing, Microsoft’s spokesperson noted that there are no changes to MAPP.

      “Premier customers and current organizations that are part of our security programs, such as the Microsoft Active Protections Program, will continue to receive the ANS,” the spokesperson stated.

      Qualys, a MAPP partner, is working with Microsoft to get early access to security notifications, according to Wolfgang Kandek, Qualys CTO. He believes the ANS still matters and there is value in that IT administrators can read about specifics, exploits and priorities.

      “On one hand, I am certain that many IT admins wait until the bulletins are released and go directly to the technical details and form their own opinions; on the other hand, there are IT admins that appreciate the guidance,” Kandek told eWEEK. “Taking that guidance away is a step backward.”

      Marc Maiffret, CTO of BeyondTrust, also a MAPP partner, said the ANS is helpful in that it allows IT to plan better. While larger enterprises might have dedicated teams and partnerships with Microsoft, small and midsize businesses (SMBs) are likely to be impacted by the end of the public ANS. With the ANS changes, those SMBs will now have to wait until the morning of Patch Tuesday to know how their next few nights will be spent.

      For Rapid 7, which is not a MAPP partner, the publicly available advanced notification was valuable, said Ross Barrett, senior manager, security engineering at Rapid7. “It broadly informed the public about all affected platforms and products,” Barrett told eWEEK. “The new approach assumes that customers have comprehensive knowledge and understanding of what is in their environments so that they can seek out what patches to prepare for.”

      People don’t fully know what is in their environments, and making it harder for them to get relevant security warnings could be harmful, Barrett said.

      “On a personal note, as a security professional who works with coverage of Microsoft platforms, this just makes it harder for us to get ready for Patch Tuesday every month,” Barrett said.

      “Instead of generally knowing something about all the things that will be patched, though never exactly what, we now have to hunt down a list that we can never know is comprehensive.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×