Introducing the CVRF API 3.0 update | MSRC Blog

Share it

Here at the Microsoft Security Response Center, our unwavering dedication lies in enhancing the security and efficiency of our offerings to fulfill the ever-changing requirements of our clientele. We are thrilled to introduce the release of the most recent iteration of our Common Vulnerability Reporting (CVRF) API. This upgrade encompasses advancements in both security and performance, all while keeping your existing invocation methods intact. Although the update to the PowerShell module remains optional, it can yield additional performance advantages.

Accelerated Response Times

The CVRF API 3.0 presents substantial performance enhancements compared to its predecessor (2.0). Users executing code that involves multiple queries will observe significantly swifter response times.

Elective PowerShell Revision for Direct Entry

While not mandatory, updating your PowerShell module can deliver extra performance perks. Without the update, your requests will be directed to the 2.0 URL, which then redirects to the 3.0 URL. With the updated PowerShell module, your queries are routed straight to the 3.0 URL, eliminating the necessity for redirection and further enriching performance.

To seize the benefits of these enhancements, we recommend updating your PowerShell module following the steps below:

  1. Set-PsRepository -Name PSGallery -InstallationPolicy Trusted

  2. Uninstall-Module -Name MsrcSecurityUpdates

  3. Install-Module -Name MsrcSecurityUpdates -Force -SkipPublisherCheck

For more detailed examples and information, please refer to our GitHub repository.

Augmented Security Measures

The freshly revamped API is reconstructed in a fresh format and housed on a more dependable platform, offering heightened security. Opting to stick with the old API raises the vulnerability to security breaches. Transitioning to the new API guarantees leveraging these security enhancements.

Adhering to Rate Limits

With the expedited 3.0 version, there’s a likelihood of inadvertently surpassing the API rate cap. If you encounter the error message “Too many follow-up requests: 21,” consider adjusting your querying frequency. Observing the rate limits ensures a seamless user experience.

This upgrade equips you with enhanced performance and security features. We invite you to explore the new functionalities and maximize our CVRF API capabilities. We eagerly anticipate hearing your feedback on this fresh feature and other enhancements here.

🤞 Don’t miss these tips!

🤞 Don’t miss these tips!

Solverwp- WordPress Theme and Plugin