Microsoft Corp. is expanding its security notification service in an effort to better service end users who are not technically savvy, the company said last week.
Microsoft also changed the way it rates security issues. Customers complained that the old system failed to identify the most serious issues, the Redmond, Washington, software vendor announced in an e-mail to current security bulletin subscribers.
Many end users find Microsoft’s current security bulletins “overly detailed and confusing,” said Steve Lipner, director of security assurance at Microsoft, in the e-mail. Also, warnings about all Microsoft products are sent on the same list, which means home users also receive warnings about SQL Server, Microsoft’s database product, which they are unlikely to use.
In addition to the technical bulletins issued through TechNet, Microsoft will now also create bulletins specifically for end users. These bulletins, hosted at http://www.microsoft.com/security/, will describe straightforward steps that users can take to help keep their systems secure, Lipner wrote. An alert service for the new end user bulletins should be operational by year’s end, he wrote.
The current security bulletins offered on TechNet will continue to include technical details to help IT professionals with patches and workarounds, Microsoft said.