MS Sec Notification mailing list archives
Improvements to Microsoft Security Reponse Communications
From: "Microsoft" <0_41167_04BF067D-4CF8-4245-B5C1-58573E5746A8_US () Newsletters Microsoft com>
Date: Mon, 18 Nov 2002 23:50:33 -0800
-----BEGIN PGP SIGNED MESSAGE----- Dear Microsoft Customer, I'm taking the unusual step of sending this mail to the Microsoft Security Notification Service mailing list to tell you about some changes in communications practices that the Microsoft Security Response Center is making. Customer feedback tells us that, while technical professionals value our security bulletins, many end-users find them overly detailed and confusing. In addition, end-users who subscribe to the Microsoft Security Notification Service receive bulletins that are of interest only to developers or system administrators. To help customers, for each issue, we will now create a less technical end-user security bulletin that we will host at http://www.microsoft.com/security/. We will continue to release the current security bulletins targeted to technical professionals. The new end-user security bulletins will describe straightforward steps that customers can take to help keep their systems secure. In addition, before year's end, we will create a new End User Security Notification Service that will notify customers of security issues in end-user-oriented products and provide a link to the appropriate end-user security bulletin. The TechNet security bulletins will continue to include technical details that enable IT professionals to determine where and whether a patch is needed or whether workarounds are an appropriate alternative. We have also received feedback that, while many customers rely on our Security Bulletin Severity Ratings to help them decide which patches to apply, they find that the ratings fail to clearly identify the most serious issues. There is also a widespread feeling that the Severity Ratings are difficult to understand and apply. For these reasons, we have modified the Severity Rating criteria to help customers more easily evaluate the impact of security issues. We hope that this more prescriptive guidance will help you distinguish the most urgent security issues. I encourage you to review the updated Microsoft Security Response Center Security Bulletin Severity Rating System at http://www.microsoft.com/technet/security/policy/rating.asp Microsoft is committed to help keep your systems safe. As part of that commitment, we regularly review customer feedback and update our security response process to ensure that we are doing all we can to meet your needs. We appreciate your feedback and hope that you will find that these changes help you keep your systems secure. Thank you, Steve Lipner Director of Security Assurance Microsoft Corp. -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQEVAwUBPdkuIY0ZSRQxA/UrAQEm4wf+MJEySxj3zqhSIKIQVSJ2ZGMLQQSm6mpX ZLgNPmzRysl9fsXjhTj+xk6vPTMig3IWgG9qYZu88wnIvLcoTaunwC4jJ+Wgk2xG o3uXU5ZoilIvSdTAPqLKB2EagH7EKYpB90+R1M9JNZbHbZolCQtbxIpic/pH55IQ fhjN4vYpn9iDnZ2FlgPL2dcPmMDa1PcKPHAyOTDxeoM9ioHTno8wCM8v+mjL0GLn zyC4yaeEl0OpPUiRC8CQTKjGNmnP1W9STgSr490PUn42+DtXWLTn6Y8gkr8dxFPo gU9RMYPpd6+v8wSe1taoQTJTwqJhYYHODetKVNuGK00oNs229YhyMA== =tkoQ -----END PGP SIGNATURE----- ******************************************************************* You have received this e-mail bulletin because of your subscription to the Microsoft Product Security Notification Service. For more information on this service, please visit http://www.microsoft.com/technet/security/notify.asp. To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp. To unsubscribe from the Microsoft Security Notification Service, please visit the Microsoft Profile Center at http://register.microsoft.com/regsys/pic.asp If you do not wish to use Microsoft Passport, you can unsubscribe from the Microsoft Security Notification Service via email as described below: Reply to this message with the word UNSUBSCRIBE in the Subject line. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security.
Current thread:
- Improvements to Microsoft Security Reponse Communications Microsoft (Nov 18)