You asked, we delivered: Introducing new features for an improved security experience

At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Every enhancement we deliver starts with listening to the security community and our customers. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparent, and user-friendly.

• The MSRC Glossary: A resource for clear, consistent security terminology

• Print for the Security Update Guide (SUG): Easier offline access and sharing

• Save as Draft in the Researcher Portal: Flexibility for vulnerability submissions

Whether you’re a customer, researcher, or security professional, these updates reflect our commitment to making security information easier to understand, share, and act on. Here’s what’s new.

Introducing the MSRC Glossary: A new tool to help you navigate Microsoft security terms

Security communication can be complex, especially when technical terms, acronyms, and definitions vary across vendors and platforms. To help bridge that gap, MSRC has launched a public glossary to help customers, researchers, and media better understand the terminology used across our site, including in the CVE content in the Security Update Guide. 

This glossary is designed to create clarity, consistency, and accessibility for anyone engaging with MSRC content, whether you're reading a security advisory, exploring the Security Update Guide, or reviewing a blog post about coordinated vulnerability disclosure.

By providing plain-language definitions and context for key terms, the glossary helps customers make informed decisions, understand risk, and take action with confidence.

How to use the MSRC Glossary

The glossary is structured alphabetically and includes definitions for terms commonly used in MSRC blogs, advisories, CVEs, and other communications. Here’s how to get the most out of it:

• Scan or search by keyword: Use your browser’s search function (Ctrl+F or Cmd+F) to quickly locate terms. You will also find direct links to the glossary from CVE content in the Security Update Guide.

• Understand context: Each entry provides a definition and, where relevant, explains how the term is used in MSRC communications. Where applicable, you will also find cross references to in-depth information across Microsoft online publications.

• Cross-reference with MSRC content: When reading a blog post or advisory, refer to the glossary to clarify unfamiliar terms or acronyms.

• Use it as a learning tool: The glossary is a great resource for new security professionals, IT leaders, and anyone looking to build fluency in Microsoft’s security language.

The glossary is updated periodically to reflect evolving terminology and industry standards. It’s part of our commitment to making security communication more transparent and actionable.

What this means for customers

Clear definitions help reduce confusion and improve decision making. Whether you're a security leader assessing risk, an IT admin applying updates, or a journalist covering a vulnerability, understanding the language used in MSRC content is essential.

This glossary supports:

• Faster comprehension of advisories and CVEs

• Improved coordination during incident response

• Better alignment with Microsoft’s security guidance

It’s especially helpful for non-technical readers who rely on MSRC content to inform business or operational decisions.

How Microsoft is helping

The glossary is part of MSRC’s broader effort to improve customer safety through clear, consistent communication. We’ve aligned the glossary with Microsoft’s writing style principles favoring plain language, avoiding jargon, and ensuring definitions are inclusive and accessible.

Print the Security Update Guide (SUG)

While the glossary improves clarity, we also focused on making the Security Update Guide more flexible. You asked for an easier way to take SUG content offline and now you can. The new Print feature makes it simple to generate a clean, printer-friendly version of any page.

Why does this matter? Many security teams need offline access for compliance audits, internal reviews, or environments with limited connectivity. Until now, that often meant screenshots or manual formatting, time-consuming and error-prone. With this update, you can:

• Archive for compliance: Keep printed copies for regulatory or internal documentation.

• Share easily: Provide stakeholders with a clear, professional layout—no extra formatting required.

• Work your way: Whether you prefer paper or need a hard copy for secure environments, this feature gives you flexibility.

What’s included:

Print support is available for all major sections of the Security Update Guide, including:

• CVEs

• Vulnerabilities

• Release Notes

• Acknowledgements

• Details lists and tables

How to use it:

• Enter print mode by pressing Ctrl+P or by right-clicking and selecting Print from the menu.

• Customize your print settings and generate a clean, readable layout.

This improvement is part of our ongoing effort to make the Security Update Guide more accessible and adaptable to your workflows.

Save as a Draft: A better way to submit vulnerability reports

Finally, we’ve made it easier for security researchers to manage their submissions. One of the most common requests we’ve heard from researchers is the ability to save a vulnerability report in progress without having to complete it all in one sitting. We’re excited to share that the Save as Draft feature is now live in the Researcher Portal.

This update allows researchers to pause and return to their work whenever they need to. Drafts can be saved by clicking the “Save draft” button or using the keyboard shortcut Ctrl+S. The Researcher Portal displays a clear indicator when a draft is being saved or when there are unsaved changes, along with a warning if you attempt to leave the page before saving. You can also roll back to your most recently saved version if needed.

By making it easier to start, pause, and resume submissions, this feature helps researchers focus on accuracy instead of time pressure. For MSRC, it improves the quality and completeness of reports and reduces the back-and-forth once a case is opened.

Researchers can try this out now in the Researcher Portal. Based on early feedback, we’re also exploring the addition of auto-save functionality in a future release.

Thank you for your feedback 
Your input continues to shape the way we improve MSRC tools and resources. These updates reflect our shared goal of making security processes clearer, faster, and more effective. Keep sharing your ideas through the MSRC feedback form. We’re listening and committed to delivering features that matter most to you.