none
Bring the old Security Bulletins back

    Question

  • Please consider bringing the old Security Bulletins back. If the individual bulletins cannot be brought back, the monthly summary should DEFINITELY remain and include links out to the Security Update Guide.

    While it's appreciated to have a searchable database in the Security Update Guide, it is too cumbersome to use to quickly get the information needed on Update Tuesday. Furthermore, many of the links in the guide were dead yesterday. To get the same information took way too many steps and required collaboration with other sources to confirm information.

    It seems the desire is to simply say, "The updates are in cumulative packages so you have to install everything anyway. Just trust us!" Unfortunately this does not fly in most organizations. We need to quickly ascertain where the risks are, are they actively exploited, are their any workarounds, etc. We don't know the CVE numbers to look up because these are newly presented to us. Saying that "Windows is impacted" is obvious, but we need to know HOW so we can examine and properly TEST these updates.

    Please don't make the jobs of the IT professionals who depend on this information any harder. Thank you.
    Wednesday, April 12, 2017 4:01 PM

All replies

  • Agreed, It was way more work than it should have been to put our patch documentation together this month. In some cases (Office and IE updates) you listed the vulnerability and attack vector but for the roll-up it was just a paragraph about items that were fixed. The march bulletin (and the ones before it) was the proper way to do it and made my life MUCH easier.

    This was perfect:

    https://technet.microsoft.com/en-us/library/security/ms17-mar.aspx

    Wednesday, April 12, 2017 5:48 PM
  • Completely agree on all points in the several threads disliking the new format.

    I typically spend 2-3 hours to read through and determine what updates need to go to our systems, document, etc. I spent a solid 8 hours trying to make sense of everything today and get it organized, and I'm not close to being finished. I didn't like the format change a few months back but I learned t use it and live with it, what I had to go through today was an abomination. I download the spreadsheet with 670 lines of exploit info that I'm supposed to somehow find useful to determine what I need and why. It's terrible.

    Thursday, April 13, 2017 1:27 AM
  • We understand the concern about the changes made to both the Security Update Guide replacing the numerous KB’s of the past. The change is to align with the move from individual updates to the cumulative update process.

     

    The updated process for our Security Update Guide is covered in the recent blog covering this is found at https://blogs.msdn.microsoft.com/azuresecurity/2017/03/17/security-update-guide-ushers-in-a-new-era-of-microsoft-updates/

     

    The previous KBs have been replaced by the new portal at https://portal.msrc.microsoft.com/en-us/

    You can search the related CVE or MS17-* for what is pertaining

     

    In the case of searching the applicable patches for the related OS pease search on the platform such as Windows 7 – this will return what should be seen in WSUS for that platform and then you can see the most recent updates that are applicable via the cumulative update process. You no longer have 100’s of updates to approve but rather need to use the most recent cumulative for either security only or full.

     

    Chris Wojahn Sr. Escalation Engineer | Support Engineering -  Cloud & Infrastructure Solutions | Security & Incident Response Team

    Customer Services & Support | Microsoft Corporation

    Incident Response Reference Guide & Lessons Learned

    Your potential our passion.


    Chris Wojahn Escalation Engineer | Support Engineering - Cloud & Infrastructure Solutions | Security & Incident Response Team Customer Services & Support | Microsoft Corporation

    Friday, April 14, 2017 10:28 PM
    Owner
  • You can search the related CVE or MS17-* for what is pertaining

    Microsoft have also axed the MSxx-xxx number as the 'pivot' point for finding updates, which has made things even more complicated and cumbersome. Especially as the only way now to find updates on WSUS is using the KB number, as it's not possible to search on the CVE number. So you're having to manually search for every KB number you want to approve, rather than being able to search for a whole bunch of them based off a single MS bulletin ID number and bulk approve.

    I don't understand how this is an improvement of the process, nor how it is saving us time or making things easier.

    Honestly I know you've communicated random fragments of this forthcoming change across random Microsoft blogs, but Microsoft should have done a better job in making it a bit clearer. A bit notification in the bulletins in the last couple of months would have been a logical place as not everyone skims these blogs..

    Thursday, April 20, 2017 2:19 PM
  • yeah I like the old MS Security Bulletin format better than the new Security Update Guide site.
    Friday, April 21, 2017 11:27 PM
  • And fix the RSS feeds for KB articles while you're at it. They've been broken for months.
    Tuesday, April 25, 2017 6:38 PM
  • We understand the concern about the changes made to both the Security Update Guide replacing the numerous KB’s of the past. The change is to align with the move from individual updates to the cumulative update process.

    That's all well and good, but how hard is it to associate an MSSB number with a single set of cumulative updates?
    Friday, April 28, 2017 1:12 PM
  • Thanks a lot for your input. We support your request to 100%! Maybe we should raise an online petition/initiative.

    Kind regards

    Friday, April 28, 2017 3:24 PM
  • I highly endorse your request. Our patch monitoring relies on the Bulletins. I like the API and do not care about the UI of the Security Guide, but I demand a Identifier the summaries all KBs that fixes the same vulnerabilities, like it offered the Bullentin ID.


    Monday, May 08, 2017 1:17 PM
  • It would be an awesome help if you could query in wsus to get a list of all patches for a particular month to approve. For May, I can find a few searching for "2017-05", some by "May, 2017" but for most it is a grueling search by individual KB article numbers. OMG!!! For April I thought it was an easy search on April but found out later via self auditing I had missed a bunch. This has got to be fixed.
    Tuesday, May 09, 2017 6:17 PM
  • Agree completely.

    Not only is this database more cumbersome to navigate  but the newer articles contain less information than the older security bulletins.

    For example, this is one of the older bulletins: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx and this is one of the new bulletins: https://support.microsoft.com/en-us/help/4015550  The newer bulletin has no information on what patches are superseded, and no detailed information on resolved vulnerabilities.  Instead, the new bulletin has this:

    "For more information about the security vulnerabilities resolved, please refer to the Security Update Guide."

    which returns you back to the database.

    Monday, May 15, 2017 2:36 PM
  • I haven't seen such a poorly thought out and rolled out database in all my life, then again Microsoft made Access, nuf said.

    This new bulletin system is in one work "CRAP", it is not user friendly, it will take you in endless loops bringing you back to the main SUG page.  That is NOT more information, that is clearly a complete lack of information and respect for the IT professionals that have used those bulletins to keep their enterprises safe and working. 

    This hard line of "we will give your updates and you will LIKE IT! or ELSE!" is really off putting.  Should all businesses start looking to Linux or Mac if this is how Microsoft is going to be?

    We are unable to test new updates, determine if they will break anything, and when it does, which causes profit loss because we have to roll out some gigantic cumulative update, who will pay those costs?  It won't be Microsoft.  This new way of doing things might be ok for that golden goose, but it certainly isn't OK for anyone else.

    At the VERY LEAST, provide the same information that was provided in the bulletins, mitigating factors, affected systems and how they would be affected.  But this vague BS that says nothing other than just well written copy no actual information, is completely unacceptable.

    Thursday, June 08, 2017 2:32 PM
  • "For more information about the security vulnerabilities resolved, please refer to the Security Update Guide."

    which returns you back to the database.

    This bit is ridiculous.  It just throws you for a loop, and you are never able to get the detailed security details.
    Wednesday, June 14, 2017 9:20 PM
  • I have taken to using a third party solution to find the update information and a list of associated KB numbers. Now I can find the stuff to approve in WSUS easier.

    here is the link:

    Ghacks June 2017 listing of MS security updates


    "The only problem with troubleshooting is that sometimes trouble shoots back." "Network design is just like a stroll in the park. Jurassic Park, that is."

    Wednesday, June 14, 2017 10:03 PM