Yesterday, three HP 3000 Security Bulletins were posted to comp.sys.hp.mpe. These bulletins were taken from the HP SupportLine (HPSL) Security Bulletin service. This is the first time we've used the HPSL Security Bulletin service to notify HP 3000 customers about security vulnerabilities. From now on, the HPSL Security Bulletin service will be the primary mechanism CSY uses to inform its HP 3000 customers about security problems. This service is free to anyone who has purchased an HP 3000 or an HP 9000 system. The Security Bulletin service is basically an electronic mailing list that HP has been using to inform its HP 9000 customers about security vulnerabilities and corrective counter-measures. As the first follow-up to this article, I've posted a public announcement entitled, "Hewlett-Packard Announces Security Bulletin Service for HP 3000 Customers." This article explains a little more about the Security Bulletin service and how to subscribe to the mailing list. We also included a description of the Security Bulletin service with every shipment of the General Release of MPE/iX 5.0 (the "5.0 Push" release). We are currently investigating two enhancements that will help us better serve our HP 3000 customers. First, we are looking at extending the HPSL Security Bulletin service to include a mechanism for delivering Security Bulletins via FAX. This will help us reach HP 3000 customers who have a difficult time accessing the Internet. Second, we are trying to define an electronic patch delivery mechanism for HP 3000 customers to replace the current tape methodology. Hopefully, both of these changes will be in place before we have to do our next security problem notification. Mike Paivinen [log in to unmask] Hewlett-Packard CSY - Mailstop 47UP 19447 Pruneridge Avenue Cupertino, CA 95014