The MSRC announces Exploitability Index improvements & Advance Notification Service for the May 2011 Security Bulletin Release

Article
05/05/2011

Today the Microsoft Security Response Center announced changes to Microsoft’s Exploitability Index:

Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms.

The Exploitability Index assesses the likelihood of functional exploit code being developed for a particular vulnerability. By providing the index information month over month, we’re helping customers prioritize the security updates that matter to them. The Exploitability Index will continue to provide an aggregate exploitability rating across all affected products, and the improvements made to Exploitability Index will now offer additional information to help customers prioritize bulletins, specifically for the most recent platforms, e.g. Windows 7 Service Pack 1 and Office 2010.

In addition, they provide advanced notification on the release of a Critical security bulletin addressing a vulnerability in Windows, and an Important bulletin addressing two vulnerabilities in Microsoft Office. As always, the bulletin release is scheduled for the second Tuesday of the month, May 10, at approximately 10 a.m. PDT.

For all the details see the following:

https://blogs.technet.com/b/msrc/archive/2011/05/05/exploitability-index-improvements-amp-advance-notification-service-for-may-2011-bulletin-release-2.aspx

J.C. Hornbeck | System Center Knowledge Engineer

The MSRC announces Exploitability Index improvements & Advance Notification Service for the May 2011 Security Bulletin Release

Additional resources