Last week, in conjunction with the release of the November Patch Tuesday updates, Microsoft unveiled a new central location where they will begin storing all security bulletins for Microsoft products.
It is called the Security Update Guide and will list the monthly Security Update Release Notes and each Security Bulletin for that month.
The release notes and security bulletins have not changed and look just like the documents we see each month around Patch Tuesday. It is also not a sign that security bulletins are going away as some sites have reported over the last few days.
They are now being stored in a searchable database in a single location to make them more accessible compared to them being scattered on different sites in the past.
As you can see the layout is very clean and lists the Release Notes and Security Updates in separate areas with full search and filtering capabilities.
According to Microsoft, this new portal will become the single source for security related bulletins in January 2017:
Security update information will be published as bulletins and on the Security Updates Guide until January 2017. After the January 2017 Update Tuesday release, we will only publish update information to the Security Updates Guide.
As I said earlier, many sites are reporting that this last sentence means security bulletins will no longer be published but that is a misinterpretation of what the company is planning to do with this important information. By moving it all to one central location, the data will be easier to find and use instead of needing to visit different sites to track it down.
This security related data will also remain public as proven by the fact I reviewed this month's security information without even logging into the Security Updates Guide with a Microsoft Account.
One other aspect of this change is the addition of an API to help system admins and others track this information remotely:
Leverage a new RESTful API to obtain Microsoft security update information. This eliminates the need for you to employ outdated methods like screen-scraping of security bulletin web pages to assemble working databases of necessary and actionable information.
This new centralized site and its accompanying API certainly does not indicate any attempt by Microsoft to hide or prevent users from seeing this information now or in the future.