Microsoft to shutter security notification service
- 28 June, 2014 22:43
Microsoft on Friday said it would shut down its email notification service for security warnings next week, telling IT and security administrators that they should instead subscribe to RSS feeds from the firm.
The message was sent to anyone who had opted in to a mailing list set up long ago to alert them about new security advisories, new or revised security bulletins -- the term Microsoft uses for its monthly patch updates -- and revisions to both the advisories and bulletins.
"As of July 1, 2014, due to changing governmental policies concerning the issuance of automated electronic messaging, Microsoft is suspending the use of email notifications," the company told the mailing list's members.
The use of the word "suspending" leave opens the possibility that Microsoft will resume the practice at some later date.
The mailing list harked back to at least 2002, a year before Microsoft instituted its "Patch Tuesday" of pre-scheduled security updates, which occur on the second Tuesday of each month.
In lieu of the mailing list, Microsoft advised IT and security professionals to subscribe to one or more of the available RSS feeds. Those feeds can be accessed from the Microsoft website. Other communication channels include the Microsoft Security Response Center's Twitter account.
Some have tied the decision to a new Canadian law set to take effect July 1, and the timing of the closure supports such speculation. The Canadian anti-spam law has received little attention outside that country, but has been characterized as among the world's strictest. The legislation requires definitive opt-in authorization by recipients.
Of interest is that the new law has a three-year grace period, which allows companies to continue sending email if a business or non-business relationship had been established prior to July 1; the Microsoft security mailing list, which was always opt-in, seems to fit the definition of an ongoing relationship.
An FAQ on the anti-spam law has been posted on the Canadian government's website.
Microsoft may be erring on the side of caution -- penalties for violating the Canadian law are severe, including fines of up to $10 million -- as it sorts out the details of the law. Or it may have simply wanted to dispense with the list. Hints of the latter included the continued delivery of other email, among them ones provide the company's monthly security newsletter to customers.
Microsoft Canada has created an opt-in form for continued promotional emails; to entice Canadians to give their authorization, the company is randomly drawing names for a $500 gift voucher.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is firstname.lastname@example.org.
Read more about windows in Computerworld's Windows Topic Center.