Language Selection

English French German Italian Portuguese Spanish

M$ Launches Security Advisory

Filed under
Microsoft
Humor

Microsoft has unveiled a new security advisory service to plug the gap between public disclosure of a vulnerability and the availability of a patch.

Dubbed Microsoft Security Advisories, the service is a pilot program begun in response to customer requests, Stephen Toulouse, the program manager of Microsoft Security Research Center (MSRC), said in an interview.

"When we got down to it, in the absence of a bulletin, customers wanted us to provide authoritative guidance on security related topics," Toulouse said.

Microsoft's security advisories--the first two of which were issued Tuesday--will offer early workarounds for vulnerabilities before a patch is ready. "If there was public vulnerability posted, the advisories could be used to provide guidance on workarounds," said Toulouse.

In cases such as those, expect to see the advisories morph into actual bulletins, Toulouse added. "We'd put the advisory up, and when a patch is ready, use it to point to the bulletin," he noted.

The advisories will follow the general format of the existing security bulletins, because feedback for the latter has been positive and users are familiar with the layout. The two advisories rolled out Tuesday, for example, offer subsections titled "Overview" and "Frequently Asked Questions," just as do Microsoft's monthly security bulletins.

Full Story.

More in Tux Machines

Ultimate Linux Mint 1.4 Looks Much Better than Its Linux Mint Cinnamon Base – Gallery

Ultimate Linux Mint 1.4, a Linux distribution based on Linux Mint 17 Qiana Cinnamon Edition 64-bit, has been released and is available for download. Read more

Matching databases to Linux distros

Relational database management systems (RDBMSs) aren’t the sort of thing to get most folk out of bed in the morning – unless, of course, you happen to think they’re one of the most brilliant concepts ever dreamed up. These days you can’t sneeze without someone turning it into a table value in a database somewhere - and in combination with the freely available Linux operating system, there’s no end to them. Most Linux distros make it almost trivial to add popular DBMSs to your system, such as MySQL and MariaDB, by bundling them in for free in their online app stores. But how do you tell which combination - which Linux distro and which DBMS - will give you the best performance? This week we've revved up the Labs servers to ask the question: what level of performance do you get from OS repository-sourced DBMSs? Read more

The Curious Case of Raspberry Pi Consumerism

I find the attitude of many within the Raspberry Pi community to be strange and offensive. I first discovered this odd phenomenon (odd because it contradicts the ethos of the project's academic foundations) back when it first started, as many within the Raspberry Pi community took an extremely hostile attitude toward academic freedom, apparently in defence of various parties' highly dubious intellectual monopolies (Broadcom and MPEG-LA, for example). I pointed out the irony and hypocrisy of their attitude at the time, explaining that they were more than happy to leech Free (as in freedom) Software for their own benefit, but then balked at the prospect of freely sharing the results, and in particular this contradicted their stated academic goal of facilitating better computer education in UK schools, an environment that rightly demands open access to knowledge. Read more

Google Chrome 38 Beta Brings New Guest Mode and Easier Incognito Mode Switching

The developers have explained that the user switching feature has been redesigned and it will make changing profiles and into the incognito mode a lot simple. They have also added a new experimental Guest mode, a new experimental UI for Chrome supervised users has been implemented, and numerous under-the-hood changes have been made for stability and performance. "This release adds support for the new element thanks to the hard work of community contributor Yoav Weiss, who was able to dedicate his time to implementing this feature in multiple rendering engines because of a successful crowd-funding campaign that raised more than 50% of its funding goal." Read more