Microsoft is changing the way it documents its monthly security patches.
Starting next month, the software giant will add a few more details to its Advanced Notification Alerts in order to give customers a better idea of whether they'll be rushing out software patches to their users.
Microsoft publishes these alerts five days before the security updates come out each month in order to let customers know which applications they may have to patch. The software updates and the security bulletins that accompany them are released on the second Tuesday of every month, a day known as Patch Tuesday.
Previously the Advanced Notification alerts contained only vague details on the updates - that Microsoft would be patching at least one critical Office bug, for example - but that is now changing, according to Microsoft security program manager Mark Griesi.
The new alerts will say which versions of Microsoft products will be affected. "In the past we said, 'In Windows there will be something released,'” he said. "Now we're providing a complete summary... It will tell you what the affected software is, including the maximum severity rating."
Microsoft had previously restricted the information in these alerts to make it harder for hackers to guess where bugs might lie, he said.
The Advanced Notification changes will make it easier for administrators to plan their update roll-outs, said Richard Linke, an independent security consultant based in Chicago. "If you basically just announce the components and the security levels for us that would far better help us in planning," he said.
Microsoft revealed its plans in a blog posting. Customers will see the new documentation starting with the 7 June Advanced Notification alert.
Microsoft has also streamlined its Patch Tuesday security bulletins to make it easier for customers to figure out whether the latest patches apply to the products they are using and how serious they really are.
Microsoft published an exampleof the new outline on its web site.