If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
No more MS security bulletins
Story he
https://it.slashdot.org/story/17/04/...rity-bulletins Microsoft is no longer issuing public, numbered explanations of bug. In the future the details of bugs such as the recent MS word attack may need to be researched via 3rd-party sites. (Which was the case with the Word bug, anyway, because MS hadn't officially recognized it when news came out.) The alternative is to use a new private system. The new system is a searchable database but requires javascript in the browser, becoming a member, logging in to microsoftonline.com, and being tracked by numerous entities such as omniture and webtrends. https://portal.msrc.microsoft.com/en...urity-guidance |
Ads |
#2
|
|||
|
|||
No more MS security bulletins
On Thu, 13 Apr 2017 09:20:28 -0400, in alt.comp.os.windows-10, Mayayana
wrote: Story he https://it.slashdot.org/story/17/04/...rity-bulletins Microsoft is no longer issuing public, numbered explanations of bug. In the future the details of bugs such as the recent MS word attack may need to be researched via 3rd-party sites. (Which was the case with the Word bug, anyway, because MS hadn't officially recognized it when news came out.) The alternative is to use a new private system. The new system is a searchable database but requires javascript in the browser, becoming a member, logging in to microsoftonline.com, and being tracked by numerous entities such as omniture and webtrends. https://portal.msrc.microsoft.com/en...urity-guidance I get a weekly update from US-CERT. Homeland Security releases all the bugs Microsoft patches on a given Patch Tuesday the next Monday (The release day for the weekly bulletin is Monday). https://public.govdelivery.com/accou...subscriber/new Go ahead and sign up. Microsoft's newsleter is redundant. There was never a good reason to know ahead of the patch every bug that is out there. In fact, if it gave too much detail, it would give black-hats a place to look for a vulnerability. CERT is quite comprehensive in its descriptions. OTOH, the patches still have KB numbers and Knowledge Base articles, but these contain a minimal description of what's actually patched. I'd like to see MS improve the KB articles. Here's the KB article for the latest rollup for v1703 Creators Update: https://support.microsoft.com/en-us/...date-kb4015583 You can easily find the KB #s in Windows Update history. -- Zag No one ever said on their deathbed, 'Gee, I wish I had spent more time alone with my computer.' ~Dan(i) Bunten |
#3
|
|||
|
|||
No more MS security bulletins
Mayayana wrote:
Story he https://it.slashdot.org/story/17/04/...rity-bulletins Slashdot never has the actual story. They only provide a synopsis (aka "news about news") and a link to the actual article, which is over at: http://www.computerworld.com/article...ral-stays.html (short URL: http://tinyurl.com/kd3jbkp) Microsoft is no longer issuing public, numbered explanations of bug. In the future the details of bugs such as the recent MS word attack may need to be researched via 3rd-party sites. (Which was the case with the Word bug, anyway, because MS hadn't officially recognized it when news came out.) So they're bringing the Windows 7 updates (obviously an OS they discontinued support) in line with their vague updates for Windows 10. Yeah, I expected to see that. Why would they still do it for Windows 7 if they're not doing it for Windows 10? Microsoft has been decreasing their documentation on updates for quite awhile now. It has been noticeable for over a year that details are often missing and increasingly so. Used to be you could review each update, get details, and determine if they applied to your setup (who the fart needs Skype updates that doesn't have Skype installed) or determine if you wanted them (do you want Microsoft to spy on you better, er, their telemetry updates?). The details were linked to the update and there were links in those articles to others to give you more info about the update. The alternative is to use a new private system. The new system is a searchable database but requires javascript in the browser, becoming a member, logging in to microsoftonline.com, and being tracked by numerous entities such as omniture and webtrends. https://portal.msrc.microsoft.com/en...urity-guidance Where did you have to register to become a member? Where did you have to login? I'm not a member, did not have to login, but I could still look at the articles and even refine the search by product, version, etc (and why Javascript is required because it is an dynamic web page designed for user interaction, not just for following a bunch of HTML hyperlinks ad nauseum). I use uMatrix (and uBlock Origin) in Firefox. They show no connections or links to Omniture and Webtrends. However, maybe that requires navigating to a different web page then where I landed. |
#4
|
|||
|
|||
No more MS security bulletins
"VanguardLH" wrote
| https://portal.msrc.microsoft.com/en...urity-guidance | | Where did you have to register to become a member? Where did you have | to login? I didn't and wouldn't become a member. Maybe the script was the problem. The link above forwarded me to login.microsoftonline.com, so I assumed one needed to be a microsoftonline member. Maybe they already know you or perhaps you have a cookie they liked. |
#5
|
|||
|
|||
No more MS security bulletins
On 13/4/2017 6:20 AM, Mayayana wrote:
Microsoft is no longer issuing public, numbered explanations of bug. In the future the details of bugs such as the recent MS word attack may need to be researched via 3rd-party sites. (Which was the case with the Word bug, anyway, because MS hadn't officially recognized it when news came out.) Not very interesting... |
Thread Tools | |
Display Modes | Rate This Thread |
|
|