Skip to main content

Microsoft Security Advisories

Microsoft Security Advisories, a supplement to the Microsoft Security Bulletins, address security changes that may not require a security bulletin but that may still affect customers' overall security.

Microsoft Security Advisories are a way for Microsoft to communicate security information to customers about issues that may not be classified as vulnerabilities and may not require a security bulletin. Each advisory is accompanied with a unique Microsoft Knowledge Base Article number for reference to provide additional information about the changes.

Some examples of topics that security advisories discuss include the following:

  • "Defense in Depth" security enhancements or changes that are unrelated to security vulnerabilities
  • Guidance and mitigations that may be applicable for publicly disclosed vulnerabilities

Microsoft is committed to providing timely and prescriptive guidance. We encourage customers to provide feedback by completing the form at the Customer Service Contact Us page.

Available Notifications

Last 5 Published or Updated Security Advisories:

For the entire list of published Security Advisories, visit the Security Advisory Archive page. To learn about security vulnerabilities that Microsoft discovered in third-party products, visit the Microsoft Vulnerability Research Advisories page.

Get the Updates from Microsoft Updates

Get less technical detail from the Safety and Security Center for consumers, or download the updates from Microsoft Update.

Frequently Asked Questions

Q. What kind of information will security advisories contain?

Q. How are security advisories different from security bulletins?

Q. Could a security advisory become a security bulletin?

Q. Will every security advisory become a security bulletin?

Q. Will customers be able to sign up for email or RSS notification about new security advisories?

Q. How frequently are you going to update the security advisories after they have been issued?

Q. How much time after a public report can we expect to see an advisory?

Q. Why doesn’t the Advance Notification (ANS) include information about security advisories?

Q. How will customers know when there is a call to action associated with these security advisories?

Related Links

Get security bulletin notifications
Receive up-to-date information in RSS or e-mail format.

Microsoft Security Response Center (MSRC) blog
View MSRC webcasts, posts, and Q&A for insights on bulletins and advisories.

Report a vulnerability
Contribute to MSRC investigations of security vulnerabilities.