What you need to know about changes to Microsoft’s Security Update Guide

From csoonline.com

skull and crossbones in binary code

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score is to help organizations better assess a vulnerability’s risk and respond appropriately. Microsoft scores every vulnerability (except for those that it automatically patches, such as with Microsoft Edge) and displays the details that make up that score in a new version of its Security Update Guide.

Read more…