Skip to main content

Microsoft Security Update Guide, Second Edition

The Microsoft Security Update Guide contains valuable information and tools to help you protect your IT infrastructure while creating a more secure computing and Internet environment. IT professionals can use this guide to better understand and maximize Microsoft security update release information, processes, communications, and tools.

 

DownloadDownload the Microsoft Security Update Guide

Get to know Security Update Process

Get to know the security update process

Get a complete overview of the guidance and resources that accompany updates, and use the reference guide to develop a customer risk-management framework.

Learn how To


1

Sign up for
security notifications

2

Assess the
security guidance

3

Verify that notices
are genuine

Topics include:

  • Security notifications, bulletins, summaries, and updates
  • Knowledge base articles and security advisories
  • Security update testing and release process
  • Fraudulent notifications and how to recognize them
Understand and evaluate risks

Understand and evaluate risks

Get the Microsoft resources you need to understand how vulnerabilities will affect you, what the overall risks are, and how you can mitigate them.

Learn how To


1

Formulate a risk
management
framework

2

Determine when
vulnerabilities
affect you

3

Assess vulnerability
risk and impact

4

Evaluate security
update implications

Topics include:

  • What to do if you don’t have a risk management process
  • Ways to gather vulnerability intelligence
  • Methods for determining vulnerability risks
  • Microsoft Severity Rating System
Mitigate security risks

Mitigate security risks

Understand what security mitigations and workarounds are, and learn how to implement them as a short-term security defense to help protect against attempts to exploit vulnerabilities.

Learn how To


1

Evaluate mitigation
and workaround
options

2

Determine availability of
active protections

3

Consider urgent
update deployment

Topics include:

  • Differences between mitigations and workarounds
  • Implementing a short-term defense
  • Resources to help you evaluate mitigation efforts
Understand how quickly you need to apply updates

Understand how quickly you need to apply updates

Learn about developing timelines and evaluation processes for handling security updates when you are faced with a security risk.

Learn how To


1

Plan a
deployment

2

Determine
update
availability

3

Obtain required
update files

4

Create an
update package

5

Test and
deploy the
package

Topics include:

  • Six steps to deploy an update
  • Processes for standard and urgent package deployment
  • Developing rollout schedules
  • Recognizing trusted sources for security update files
Assess your update

Assess your update

Understand what happens after deployment—including how to know when your update was successful—and find ways to better manage updates in the future.

Learn how To


1

Confirm successful
installation

2

Conduct
post-implementation
reviews

3

Remove short-term
mitigations

Topics include:

  • Using Microsoft Baseline Security Analyzer (MBSA) and other tools
  • Methods and resources for uninstalling security updates
  • Post-implementation review process
Maintain ongoing security

Maintain ongoing security

Find out how you can improve security, even when no security updates are available. Stay alert to threats, and get better oversight into your IT systems and how secure they are.

Learn how To


1

Take action on
security bulletin and
advisory revisions

2

Consult other Microsoft
security resources

3

Be vigilant and
stay informed

Topics include:

  • Major and minor security bulletin and advisory revisions
  • Ways to combat the ongoing threat of malicious software
  • Microsoft Security Intelligence Report and other resources

DownloadDownload the Microsoft Security Update Guide