Microsoft Will Resume Email Security Notifications This Week

Microsoft announced this afternoon that it would resume sending security email notifications, reversing course on a decision it had made to suspend the practice.

Update: Microsoft today has reversed course on its decision to suspend security email notifications, and will resume doing so on Thursday.

The original decision, made in response to Canada’s antispam law set to go into effect tomorrow, was announced on Friday. This afternoon, however, a Microsoft spokesman said the email notifications will begin again with this week’s advanced notification of the July Patch Tuesday security advisories.

“We have reviewed our processes and will resume these security notifications with our monthly Advanced Notification Service (ANS) on July 3, 2014,” the company’s statement said.

The move baffled many in the security community, who came to expect the monthly emails, which provide information on what applications will be patched on the next Patch Tuesday. Microsoft has used this as a main communications channel for keeping its enterprise customers apprised of what’s going in terms of security for the better part of a decade now. After the company began releasing its security patches on a regular monthly schedule, it started sending emails to customers a few days beforehand to let them know how many and what kinds of patches to expect.

Microsoft also sends out regular messages about new security advisories or when new information is added to a bulletin, such as when active attacks against a given flaw are seen or when a workaround is developed. Microsoft posted last week to the Full Disclosure security mailing list that the move was in response to an unspecified change in government regulation.

“As of July 1, 2014, due to changing governmental policies concerning the issuance of automated electronic messaging, Microsoft is suspending the use of email notifications that announce the following:

  • Security bulletin advance notifications
  • Security bulletin summaries
  • New security advisories and bulletins
  • Major and minor revisions to security advisories and bulletins

Microsoft recommended customers subscribe to one or more of its RSS feeds described on the Security TechCenter website.

Several sources indicated that the change is related to a new anti-spam law going into effect in Canada.

In addition to its email notifications, Microsoft posts all of its new bulletins, advance Patch Tuesday notifications and other security information on a number of channels, including various company blogs, Twitter and elsewhere.

This story was updated at 6:30 p.m. ET.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.