Microsoft today buried among minor bug fixes patches for critical security flaws that can be exploited by attackers to hijack vulnerable computers. In a massive shakeup of its monthly Patch Tuesday updates, the Windows giant has done away with its easy-to-understand lists of security fixes published on TechNet – and instead scattered details of changes across a new portal: Microsoft’s Security Update Guide. Cris Thomas (aka Space Rogue), Strategist at Tenable Network Security commented below.
Cris Thomas (aka Space Rogue), Strategist at Tenable Network Security:
“Microsoft’s updated portal is a change in focus from bulletins to CVEs. This makes it much easier for people to find information by searching on industry standard CVE numbers instead of trying to find a specific bulletin. This isn’t a surprise change either. Microsoft announced this in a blog post back in November. However, when you update a decades-old process to something new, you’re always going to have some resistance. People generally don’t like change. This new portal should make it easier for many people to integrate Microsoft security information into other security products to help organizations better understand their networks and exposure, and hopefully result in a safer world for everyone.”