Microsoft Launches Security Bulletin Customization Service

Microsoft has launched a new online service designed to provide IT professionals a list of the security bulletins relevant for the products used by their organizations.

Because many cyberattacks rely on unpatched vulnerabilities, it’s important that organizations always keep their software up to date. With Microsoft releasing security updates for several products each month, it is often hard to determine which of them are relevant.

With the launch of myBulletins, the Redmond, Washington-based software giant hopes to address this issue with the release of the customization service. To use the service, users must visit the myBulletins website, log in to their Microsoft account, and build their profile by selecting the products and versions installed on their systems. The online tool then provides a list of security updates through a personalized dashboard.

To make the patch-applying process even easier, myBulletins provides advanced search and filtering options. In order to help IT teams make quick decisions and efficiently apply patches, the deployment of security bulletins is prioritized based on release date, severity, and reboot requirements.

The list of security bulletins is dynamic and the dashboard it’s displayed in can easily be edited. For reporting purposes, the list can be exported to Microsoft Excel.

“myBulletins is our way to deliver on the promise to make applying security updates as seamless as possible,” Tracey Pretorius, director at Microsoft Trustworthy Computing, wrote in a blog post.

The new service has some good features, but it doesn’t help administrators with all aspects of patch management, explained Sergio Galindo, general manager of the infrastructure business unit at GFI Software.

“In short, the myBulletins service is a great idea and it has some good features, such as its filtering capabilities, but it lacks in the notifications area, i.e. users need to log into the console as there are no notifications,” Galindo told SecurityWeek.

“As the number of consoles that an IT administrator needs to log into grows, adding one more is not going to win any kudos from the community. While myBulletins allows you to narrow the focus of the alerts, IT administrators are still left with the ‘Now what do I do’,” Galindo added. 

“myBulletins is a way to narrow some of the Microsoft bulletins, but with the number of third party applications in use, it is best that IT administrators have the tools to get all their bulletins and patches in one place, as opposed to having to shift between multiple sources and different dashboards.”

The online service has been developed based on feedback from IT professionals, and Microsoft urges users to help the company improve the project by sharing their thoughts.