Today, we are adding a new Security Advisory tab to the Security Update Guide to meet our customers’ needs for a unified and authoritative source for the latest public information about Microsoft security updates and issues.
We are continuously listening to feedback from users of the Security Update Guide. Our goal is to find new and improved ways to help customers manage security risks and keep their systems protected.
In response to your feedback, the Security Advisory tab will provide information on security events or issues that do not meet the criteria for a Coordinated Vulnerability & Exposure (CVE) assignment. It will also provide additional information that does not fit in the industry standard CVE format. The Security Advisory tab will provide Microsoft customers with centralized information relevant to security incidents and security issues affecting their environments, applications, and services.
Microsoft Security Response Center (MSRC) blogs related to security events will also be integrated into the Security Advisory Tab to further simplify the customer experience and provide a comprehensive “one-stop-shop” for Microsoft security disclosures. We encourage customers to subscribe to the Security Update Guide for notifications about CVE and Advisory publications.
The first Advisory has been published Microsoft-Identity-ASP.NET-WebApp-OpenIDConnect Sample Code Advisory and serves as an example of the type of content we will provide via this new mechanism.
As always, we welcome feedback on this new feature and other improvements here.