Microsoft announced yesterday plans to retire the Security Bulletins system after January 2017, and replace it with a new security portal that provides a searchable database of all the company's security updates.

The new portal is called Security Updates Guide, and is already live. The searchable database is available here. Microsoft says that starting with February 2017, the searchable database will replace its convoluted Security Bulletins system.

"Security update information will be published as bulletins and on the Security Updates Guide until January 2017. After the January 2017 Update Tuesday release, we will only publish update information to the Security Updates Guide," the Microsoft team said in a statement published yesterday.

Many expected Microsoft to retire its Security Bulletins system

Many industry experts have expected Microsoft to retire its Security Bulletins after in August the company announced a new cumulative update model for Windows 7 and 8.1, modeled after Windows 10.

The company announced that instead of multiple smaller update packages that fixed individual issues, it will be delivering one single update per month, including all fixes.

Microsoft said that two updates will be available each month for each operating system, one including all OS updates, and one that included only security-related fixes.

The all-in-one update, which also includes the security fixes, will be delivered via the normal Windows Update system, while sysadmins looking for the security-only package will have to download and deploy it from WSUS, SCCM, and the Microsoft Update Catalog.

New security updates database simplifies searching for specific patches

The new security updates portal allows users to search updates by CVE, KB number, product, or release date, and will help system administrators identify the month and update package in which security fixes were released by Microsoft's staff.

Microsoft also announced that a RESTful API will be available for system administrators and developers that want to programmatically interact with the new security updates database.