Microsoft has been slammed by industry experts for its decision to make advanced security notices available only to those who pay a premium.
Redmond said that its Advance Notification Service (ANS) was changing to meet the evolving needs of customers and their technology environments.
It said in a statement:
“Moving forward, we will provide ANS information directly to Premier customers and current organizations involved in our security programs, and will no longer make this information broadly available through a blog post and web page.”
Microsoft claimed that “optimized testing and deployment methodologies” amongst the large organizations for whom ANS was intended means that the vast majority wait for Patch Tuesday or simply allow automatic updates, rendering the notifications redundant.
“More and more customers today are seeking to cut through the clutter and obtain security information tailored to their organizations. Rather than using ANS to help plan security update deployments, customers are increasingly turning to Microsoft Update and security update management tools such as Windows Server Update Service to help organize and prioritize deployment. Customers are also moving to cloud-based systems, which provide continuous updating.”
Premier customers who want it will still be able to receive the updates through their Technical Account Manager support representatives, whilst those without such a contract were urged to sign up to the personalized myBulletins service.
However, Rapid7 security engineering senior manager, Ross Barrett, claimed that the move was an “assault on IT and IT security teams everywhere.”
“Making this change without any lead up time is simply oblivious to the impact this will have in the real world,” he argued.
“Microsoft is basically going back to a message of ‘just blindly trust’ that we will patch everything for you. Honestly, it's shocking.”
Tim Byrne, product manager at Core Security, added that “Microsoft wants all of the pie and will force organizations to pay.”
This article has been extracted from http://www.infosecurity-magazine.com, please click on this link to read the article in full http://www.infosecurity-magazine.com/news/microsoft-slammed-patch-tuesday/
Montash is a multi-award winning global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technology, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.