Last year, the MSRC (Microsoft Security Response Center) stared to add release notes each month Security Update Guide > Dashboard. It aims to document already known issues.
The problem is that you get usually one release note on the portal (except this month) and cannot see previously released notes.
I’ve started to address this shortcoming and thought I’d share it.
You can find on https://github.com/p0w3rsh3ll/MSRC-data all the links to the release notes ever published on the Security Update Guide > Dashboard 🙂
I’ve also created folders where I store the CVRF (Common Vulnerability Reporting Framework) XML document and html bulletin that you’d get with the cmdlets in the MsrcSecurityUpdates module.
Back on the release notes. There’s actually another bigger issue:
Adding the release notes was Microsoft’s quick fix to provide ASAP the relevant info to IT professionals. Fine, no problem with that but it also appears that this “known issue” info isn’t documented directly into the XML cvrf document 😦
I’ve already tried to contact the Industry Consortium for Advancement of Security on the Internet (ICASI) and asked if the CVRF schema could be revised and updated.
I wrote the following message in March 2017 (no luck, no answer so far):