Microsoft today said that it will change its advanced security notification methods as well as the layout of its monthly security bulletins.
The company typically publishes a notice a few days in advance of Patch Tuesday about the upcoming security bulletins. As of June, advanced notices won't be at the familiar static URL. Instead, they'll be at the URL that the company uses for its monthly security bulletin summaries after those bulletins have been published. When the actual bulletins are published, they'll replace the advanced notice at the URL.
So for example, May's summary page currently shows the May security bulletins because they've been published. The June page will contain advanced notice information after that information becomes available, a few days before Patch Tuesday, June 12. After the bulletins are officially released, the page will be updated with more complete bulletin information. The URL for the June advanced notification will be the same as May's except with a different month suffix--ms07-jun.mspx instead of ms07-may.mspx.
Microsoft will also move from providing very basic advanced notification information based only on platforms to providing information on a per-bulletin basis. The slightly expanded information for each advanced bulletin notice will include severity rating, potential impact analysis, detection information, and a list of affected software.
The company is also changing the layout of its security bulletins. In the new layout, Microsoft will move decision-making information to the top and "re-arrange \[other\] content to areas that make them more intuitive to find," said Microsoft Security Response Center team member Mark Miller. Microsoft will also improve section titles to be more intuitive and reduce some amount of repetitive content that occurs in some bulletins.
Microsoft posted a sample of the new bulletin layout for review so that administrators can familiarize themselves with it prior to the release of the next batch of security bulletins.