One criticism of Microsoft's security alerts, which can probably be said for many other software companies is well, is their tendency to keep people in the dark about the nature of discovered exploits, at least initially. They tend to offer vague information at best, and don't always provide a way on determining if you are vulnerable or not. Many third party companies like Secunia will go a step above, but there's only so much they can do without intimate knowledge of the software in question. To that end, Microsoft is expanding
their Advance Notification Service, which is an opt-in service to learn about known exploits and upcoming patches. They'll now be offering quite a bit more information on vulnerabilities that could prove beneficial to system administrators:
Specifically, Microsoft will share for each vulnerability bulletin its maximum severity, its impact, information on detection and the software it affects. The descriptions will be stripped-down versions of the full bulletins, and once those full details are released on the Tuesday, the descriptions will be updated to include all the information, Microsoft said.
In the blog post mentioning
this, they also specify that after the full bulletins are released, the notices will be updated to reflect that. The changes will be put in place next month, and perhaps will make rolling out updates easier on administrators.