Microsoft introduces personalised patch dashboard for IT pros
29 May 2014 | 0
Microsoft has launched a web-based security dashboard for IT professionals that displays a customised view of the company’s past patches.
Called “myBulletins,” the dashboard shows the security updates for user-selected products, including the permutations of Windows, the iterations of Office and the various versions of its server-side software.
myBulletins displays a small graph that tallies the updates by Microsoft’s threat ranking system.
“[myBulletins is] a customisable online service that offers IT professionals a personalised list of the Microsoft security bulletins that matter most to their organisation,” Tracey Pretorius, a director in the company’s Trustworthy Computing group, explained in a blog.
The dashboard draws on the list of security bulletins — the latter is Microsoft’s term for its updates — that Microsoft has long published on its web site. In some ways, it replaces that list’s search and filtering functions.
To use myBulletins, customers must log in with a Microsoft account, then step through a short wizard to select the product lines, a process that includes drilling down to specific products, like Office 2010, Windows 8.1, or SQL Server 2012.
Bulletins can be sorted by identifier, product, impact, severity and whether a reboot is required. The information can also be downloaded in Excel format for further manipulation.
One security professional was less than impressed.
“If their intent was to create a single customised dashboard of Microsoft security issues affecting my organisation, then I’d have to give Microsoft a ‘C’ grade on this round,” said Andrew Storms, director of DevOps at San Francisco-based CloudPassage.
Storms dinged myBulletins for not providing notifications of new bulletins that met his criteria, for not offering direct links to the associated knowledge base articles Microsoft publishes on its support site, and for not including security advisories that outline vulnerabilities that have not yet been patched.
Most IT personnel have access to similar lists already, Storms noted, through Windows Server Update Services (WSUS), the Microsoft patch management tool that is widely used in businesses. WSUS also shows those updates that have been applied to the organisation, something myBulletins is incapable of duplicating, as it does not actually scan a PC or group of PCs.
myBulletins can be called from Microsoft’s site using any browser. The company has also published a FAQ with additional information about the dashboard.
Gregg Keizer, Computerworld