Microsoft's Shifts from Security Bulletins to the Security Update Guide

Microsoft is shifting the way the company distributes security and notifies customers about security related issues with the companies software portfolio.

Richard Hay, Senior Content Producer

March 17, 2017

2 Min Read
Microsoft's Shifts from Security Bulletins to the Security Update Guide

Microsoft first started pushing out their Security Bulletins back in 2004 to notify companies about security related patches for their software.

These notifications were used in conjunction with Patch Tuesday however, in recent years the company has realized that the process was not as efficient for them or customers.

That is why the new Security Update Guide was put together as a single portal where customers can search across the entire security update database to find content that is applicable to their software installations.

In a new blog post this week, the Microsoft Azure Security and Compliance team explains why this approach works better than the older security bulletins that were in use.

"In this model, you’ll use the Security Update Guide to get information about security updates each month. “Patch Tuesday” doesn’t go away, and there may sometimes still be out-of-band updates, but instead of getting information about updates from monthly security bulletins, you’ll be getting them from the Security Update Guide."

The Security Update Guide can be searched on several parameters including CVE or KB number, by product, release date, and customized to your own software focus.

You can access the new Security Update Guide at and you  read more at the Security Update Guide FAQ.

There is also an API associated with the Security Update Guide so you can develop your own app for retrieving data from this database to simplify your access/use of the information they provide.

This API is not yet available but I will update this article once Microsoft posts a write up about accessing and using it for the Security Update Guide.


Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!

IT/Dev Connections

About the Author(s)

Richard Hay

Senior Content Producer, IT Pro Today (Informa Tech)

I served for 29 plus years in the U.S. Navy and retired as a Master Chief Petty Officer in November 2011. My work background in the Navy was telecommunications related so my hobby of computers fit well with what I did for the Navy. I consider myself a tech geek and enjoy most things in that arena.

My first website – – came online in 1995. Back then I used GeoCities Web Hosting for it and is the result of the work I have done on that site since 1995.

In January 2010 my community contributions were recognized by Microsoft when I received my first Most Valuable Professional (MVP) Award for the Windows Operating System. Since then I have been renewed as a Microsoft MVP each subsequent year since that initial award. I am also a member of the inaugural group of Windows Insider MVPs which began in 2016.

I previously hosted the Observed Tech PODCAST for 10 years and 317 episodes and now host a new podcast called Faith, Tech, and Space. 

I began contributing to Penton Technology websites in January 2015 and in April 2017 I was hired as the Senior Content Producer for Penton Technology which is now Informa Tech. In that role, I contribute to ITPro Today and cover operating systems, enterprise technology, and productivity.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like