Language Selection

English French German Italian Portuguese Spanish

M$ Launches Security Advisory

Filed under
Microsoft
Humor

Microsoft has unveiled a new security advisory service to plug the gap between public disclosure of a vulnerability and the availability of a patch.

Dubbed Microsoft Security Advisories, the service is a pilot program begun in response to customer requests, Stephen Toulouse, the program manager of Microsoft Security Research Center (MSRC), said in an interview.

"When we got down to it, in the absence of a bulletin, customers wanted us to provide authoritative guidance on security related topics," Toulouse said.

Microsoft's security advisories--the first two of which were issued Tuesday--will offer early workarounds for vulnerabilities before a patch is ready. "If there was public vulnerability posted, the advisories could be used to provide guidance on workarounds," said Toulouse.

In cases such as those, expect to see the advisories morph into actual bulletins, Toulouse added. "We'd put the advisory up, and when a patch is ready, use it to point to the bulletin," he noted.

The advisories will follow the general format of the existing security bulletins, because feedback for the latter has been positive and users are familiar with the layout. The two advisories rolled out Tuesday, for example, offer subsections titled "Overview" and "Frequently Asked Questions," just as do Microsoft's monthly security bulletins.

Full Story.

More in Tux Machines

Ubuntu 14.10 Released, openSUSE GNOME Peek, and Debian Multimedia

ubuntuThe release of Ubuntu 14.10, codenamed Utopic Unicorn, was the big news today. But in other news, Kostas Koudaras has a sneak peek of GNOME in upcoming openSUSE 13.2 and Alessio Treglia shared some bits on Debian 8.0 multimedia. Miguel de Icaza announces Mono for the Unreal Engine and, finally, Erich Schubert says avoiding systemd isn't hard at all. Read more

eBay joins open-source community with ultra-fast OLAP engine for Hadoop

Like arch-rival Amazon.com, the soon-to-split eBay Inc. is something of an oddity in that it hasn’t historically been a big contributor to the open-source community. But the e-commerce pioneer hopes to change that with the release of the source-code for a homegrown online analytics processing (OLAP) engine that promises to speed up Hadoop while also making it more accessible to everyday enterprise users. Read more

DHS report makes recommendations for greater open source software use in government

A report commissioned by the Homeland Security Department's Science and Technology Directorate say barriers to using and developing open source software must be addressed as IT budgets across government continue to tighten. Read more

Calculate Linux Provides Consistency by Design

Calculate Linux has a rather interesting strategy for desktop environments. It is characterized by two flavors with the same look and feel. That does not mean that the inherent functionality of the KDE and Xfce desktops are compromised. Rather, the Calculate Linux developers did what you seldom see within a Linux distribution with more than one desktop option: They unified the design. Read more