Microsoft stays security bulletins' termination

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 13:17:00 -0700

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month’s slate of vulnerabilities and accompanying patches.

The bulletins’ last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the “Security Updates Guide” or SUG.

But just hours before February’s security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing “a last-minute issue” that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.

With last month’s postponement, users expected that the no-more-bulletins rule would go into effect today. Not so.

“Security bulletins were also published this month to give customers extra time to ensure they are ready to transition their processes,” wrote Microsoft’s Malicious Software Research Center (MSRC) team in a post to a company blog today.

Microsoft declined to answer follow-up questions about the bulletins, including whether they will be offered next month.

“The Security Update Guide is the authoritative location for information about our security updates and customers who previously used Security Bulletins should review their processes to make sure they are ready to transition,” a spokeswoman said in an emailed statement.

http://www.computerworld.com/category/security/index.rss