Some vendors give you a lot a details, some are very obscure.
There is a need for a "standard" Security Advisory, on the same base that there is a "standard" emerging from Responsible Disclosure.
* Easy, unambiguous way of determining whether you're affected
* What risks are for each condition (have an AMT ready CPU, have AMT enabled, etc)
* Which patches fix which risks
And more. This will require some thought, and hopefully some UX people.