Sept 12th after release, API didn't return full set of MSRC data

Question

Sept 12th after release, API didn't return full set of MSRC data

fredthedop opened this issue a year ago · 3 comments

On September 12th, after the Microsoft Patch Tuesday release, the API route "https://api.msrc.microsoft.com/cvrf/v2.0/document/2023-Sep" only returned the list of Edge Chromium updates. It did not list anything else (OS, IE, .NET, Office, etc updates) until nearly 3 hours after the release. During this same period of time, however, the MSRC website did properly list all the updates.

Answer 1 · 2023-09-19T18:03:01.000Z

The updates to the API route were delayed on September 12th.

Answer 2 · 2023-09-19T18:42:56.000Z

Respectfully, it appears it was a lot longer than 1 hour. The MSRC notification email arrived in my mailbox at 12:20 Central. The data was already available on the MSRC before this email was sent or arrived. However, the API didn't return the full list until 14:40 Central. So that is at least 2 hours and 20 minutes. Not 1 hour. It is even longer than 2 hours and 20 minutes, when one considers that the MSRC was actually updated before the MSRC email notification was sent. Are there plans to determine what caused the delay, and prevent it going forward? We need this to work on Patch Tuesday so we can stage our updates.

Answer 3 · 2023-09-20T19:02:30.000Z

Thank you for bringing this to our attention and we apologize for the inconvenience it has caused. Yes, we have already fixed the root cause of this issue to prevent it from happening in the future.