Administrivia #30565: Warning about flurry of MS Bulletin notices

From: Russ Cooper (Russ.Cooper_at_TRUSECURE.CA)
Date: 06/15/04

  • Next message: Russ Cooper: "MinorRev: Microsoft Security Bulletin MS04-007 - ASN.1 Vulnerability Could Allow Code Execution (828028)" 
    Date:         Tue, 15 Jun 2004 17:23:59 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    I've finally fixed up my MS Security Bulletin Notification service
    program so it recognizes the new bulletin formats (3 different formats
    this year alone.) While there have been several new notices which
    haven't been sent to NTBugtraq, there have also been a number of
    revisions.

    I decided to send through 7 bulletin notifications in all. They will
    come through individually shortly. Sorry of this mucks anyone's pager or
    mailbox, but I thought it better to get caught up with these rather than
    just leave them non-existent.

    Here are some notes about the changes in this latest version of the
    service.

    1. On revisions, the reason for the revision is placed near the top of
    the message to make it easier to read on pagers and such.

    2. Affected Items and Components, as well as Non Affected Items and
    Components, are now listed as per MS' listing.

    3. URLs to download locations all use TinyURL now. The bulletin URL is
    still in its full form.

    4. It should handle multiple vulnerabilities in the one bulletin better.
    Thanks to MS for making the distinctions clearer.

    5. Most of MS' Executive Summary is now included.

    6. Revisions look pretty much like new bulletins, the major difference
    being that 1.0 releases won't bear a "Revision Date", don't have a
    "Reason for Revision", and don't have a "Revision History" section.

    Feedback on the new format is appreciated. Don't ask about an RSS feed
    though, I just haven't had time to investigate doing that. Its on my
    summer list of things to do, but then so is fishing, curing cancer, and
    several other things I've been meaning to get to.

    Cheers,
    Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

    -----
    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field.
    -----

  • Next message: Russ Cooper: "MinorRev: Microsoft Security Bulletin MS04-007 - ASN.1 Vulnerability Could Allow Code Execution (828028)"