The joys of automatic mailing
From: Russ (Russ.Cooper@RC.ON.CA)
Date: Tue, 4 Mar 2003 15:56:06 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Well, it doesn't happen often, but you know it'll probably happen some
time...and today was that day.
I automatically scan MS security bulletins every 10 minutes looking for
new ones. Once every hour I scan last year's bulletins to see if any
have been revised. Once a week I look at all bulletins that were ever
created for revisions.
Seemed reasonable to me...until MS pushed 20 revised security bulletins
at the same time. Stands to reason that if they were to make a common
revision...in this case removing a URL reference to the old, now
defunct, corporate.windowsupdate.microsoft.com site...they would all
appear at the same time. The site is pushed at a scheduled time and not
ad hoc as the bulletins are revised.
I hadn't thought of that, duh!
So, no, you didn't receive 20 identical messages, they were all for
different bulletins. No, I am not spamming you purposefully, they were
all legitimate revision notices. No, I can't give them to you as they
appear, because they all appeared at the same time on the website.
I have disabled automatic posting for now.
There are a couple of options here:
1. Microsoft do attempt to differentiate between important revisions and
less important. They use minor and major revision numbers to (usually)
denote importance. A minor revision number indicates clarification of
points, or grammatical corrections and the like. A major revision means
a new platform is affected, or the binary has been changed. There's a
lot more than this involved in the numbering scheme, but I could post
only major revision changes if you think that would be better.
2. I could stop posting revision notices altogether.
3. I could manually post revision notices based solely on whether or not
I feel they're important. This means, however, that they will only be
sent once I've had a chance to review them and so it may not be
immediate, even if it's an important issue (believe it or not, I'm not
always able to immediately check...;-])
4. Leave things as they are. It's not likely that we will see such
en-masse revisions often. Generally the revision process has worked
fairly well in the past.
Take the poll and let me know your preference;
Russ - NTBugtraq Editor