Security Icon Microsoft

After the switch on February 14, IT professionals will have to rely on the new portal for details about patches. To get accustomed with the new system, it is recommended to check out the Security Updates Guide preview which is already accessible.

The Security Bulleting numbering system, using formats like “MS17-00x”, will also go away next month. Instead of those bulletin numbers, Microsoft plans to identify its patches using “vulnerability ID numbers and KB [Knowledge Base] Article ID numbers”, the company explaines in a Security Updates Guide FAQ.

Screen-scraping to be eliminated

Moreover, the Security Updates Guide supports a new RESTful API to pull security information into applications, which eliminates screen-scraping of security bulletin web pages.

Users can access documentation on this new API by clicking the Developer tab in the Security Updates Guide as long as they have a Microsoft account, according to Microsoft’s FAQ. “The first time that you use the API you must create a key.  It will be saved for subsequent uses.

Microsoft tools’ update incoming

Microsoft will also update its own tools for managing software updates, namely Windows Server Update Services and System Center Configuration Manager, to address the new security updates approach. The company, however “cannot guarantee that all third-party software will work in the future” with the new portal, the FAQ stated.

The so-called “out-of-band” security update releases (patches issued outside the usual monthly schedule) will still be available. In addition, Microsoft promises in its FAQ that previously published security bulletin documents will not be moved from their present locations.

The end of Security Bulletins

Microsoft already stopped publishing the Security Bulletins portal on January 10, 2017, releasing a very light -last- update on just four products (Windows, Microsoft Edge, Microsoft Office and the Adobe Flash Player).

This week’s Tuesday patch was the last one for the venerable portal that is going to be replaced next month, concluding the long history of the Security Bulletins. Microsoft briefly explained this coming portal change already back in November 2016.