Some security researchers took issue last week with little-documented changes made by Microsoft to Windows in the last batch of security updates, but the software giant responded in a blog posting on Saturday that sometimes less information means better security. The advisory stated that the vulnerability being fixed was privately reported but that a “variation” of the flaw had been publicly disclosed in May 2004. Microsoft should have stated that the original vulnerability–more than 700 days old–had been fixed as well as a more recent, privately disclosed flaw, vulnerability researcher Matthew Murphy stated in a blog post.