Language Selection

English French German Italian Portuguese Spanish

M$ Launches Security Advisory

Filed under
Microsoft
Humor

Microsoft has unveiled a new security advisory service to plug the gap between public disclosure of a vulnerability and the availability of a patch.

Dubbed Microsoft Security Advisories, the service is a pilot program begun in response to customer requests, Stephen Toulouse, the program manager of Microsoft Security Research Center (MSRC), said in an interview.

"When we got down to it, in the absence of a bulletin, customers wanted us to provide authoritative guidance on security related topics," Toulouse said.

Microsoft's security advisories--the first two of which were issued Tuesday--will offer early workarounds for vulnerabilities before a patch is ready. "If there was public vulnerability posted, the advisories could be used to provide guidance on workarounds," said Toulouse.

In cases such as those, expect to see the advisories morph into actual bulletins, Toulouse added. "We'd put the advisory up, and when a patch is ready, use it to point to the bulletin," he noted.

The advisories will follow the general format of the existing security bulletins, because feedback for the latter has been positive and users are familiar with the layout. The two advisories rolled out Tuesday, for example, offer subsections titled "Overview" and "Frequently Asked Questions," just as do Microsoft's monthly security bulletins.

Full Story.

More in Tux Machines

SteamOS A Linux Distribution For Gaming


Picture

SteamOS is a Debian Linux kernel-based operating system in development by Valve Corporation designed to be the primary operating system for the Steam Machine game consoles. It was initially released on December 13, 2013, alongside the start of end-user beta testing of Steam Machines.
 

Read At LinuxAndUbuntu

KDE Applications 14.12.3 Officially Released

KDE Applications 14.12 has been released by its makers, and it’s a regular maintenance update. It comes with a ton of bug fixes and will be soon available in various repositories. Read more

Understanding The Linux Kernel's BPF In-Kernel Virtual Machine

BPF continues marching forward as a universal, in-kernel virtual machine for the Linux kernel. The Berkeley Packet Filter was originally designed for network packet filtering but has since been extended as eBPF to support other non-network subsystems via the bpf syscall. Here's some more details on this in-kernel virtual machine. Alexei Starovoitov presented at last month's Linux Foundation Collaboration Summit in Santa Rosa about BPF as an in-kernel virtual machine. The slides have been published for those wishing to learn more about its state and capabilities. Read more

Calligra 2.9.0 is Out

Packages for the release of KDE's document suite Calligra 2.9 are available for Kubuntu 14.10. You can get it from the Kubuntu Backports PPA. They are also in our development version Vivid. Read more