powershellscript100722586orig

Microsoft posts PowerShell script that spawns pseudo security bulletins

A Microsoft manager this week offered IT administrators a way to replicate -- in a fashion -- the security bulletins the company discarded last month.

"If you want a report summarizing today's #MSRC security bulletins, here's a script that uses the MSRC Portal API," John Lambert, general manager of the Microsoft Threat Intelligence Center, said in a Tuesday message on Twitter.

Lambert's tweet linked to code depository GitHub, where he posted a PowerShell script that polled data using a new API (application programming interface). Microsoft made the API available in November when it first announced that it planned to axe the security bulletins it had issued since at least 1998.

The API lets advanced users, typically corporate security and network admins, mine the database that replaced the bulletins. Customers can manually dig information from the database using the Security Updates Guide web portal.

Before calling on the API, users must retrieve a key; they can do that from the "Developer" tab on the Security TechCenter site.

Using PowerShell and the API key, Lambert's script automatically assembled an HTML-formatted document that called out vulnerabilities by CVE (Common Vulnerabilities & Exposures, a widely-used bug identifying system) with listings of which product each flaw affected. The document also organized the bugs by Microsoft's exploitability index and collected all the vulnerabilities each version of software contained.

Some of the information once present in security bulletins, such as bug workarounds and mitigations, was missing from the document. However, those remedies can be retrieved from the database using additional PowerShell code Microsoft published on GitHub.

The script lets users select the time frame of the ensuing document; Lambert's example covered the May 9 security updates. When saved as a PDF, this month's document ran 203 pages.

But even as Lambert pitched the script as a substitute for the defunct bulletins, others reveled in the irony.

"This gives me a great idea: Just put the summary on [Microsoft's] web page. Seemed to work alright the last 15 years or so!" tweeted Mark Dowd, founder of Azimuth Security, in a Twitter reply.

IDG Insider

PREVIOUS ARTICLE

« Google will review web apps that want access to its users' data

NEXT ARTICLE

Hands-on: How Microsoft's mixed-reality devices could learn a lesson from the HoloLens »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?