Microsoft adds category to security rating system
After customers complained that they couldn't identify the most serious security vulnerabilities, Microsoft has added a fourth category to its vulnerability rating system. But critics feel that the extra tier adds even more complexity to an administrator's job.
Under the new system, fewer bulletins get the "critical" stamp. Only vulnerabilities that could be exploited to allow malicious Internet worms to spread without user action are now rated critical. Many issues that were previously rated critical are now "important," a new category in the rating system. These "important" vulnerabilities could still expose user data or threaten system resources, but they might not receive the urgent attention from administrators that they deserve.
[ Read more ]