diff --git a/tools/microsoft/bin/get_cves_and_threat_strings_from_bulletin.rb b/tools/microsoft/bin/get_cves_and_threat_strings_from_bulletin.rb
new file mode 100755
index 0000000..c828996
--- /dev/null
+++ b/tools/microsoft/bin/get_cves_and_threat_strings_from_bulletin.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+
+require '../microsoft_cvrf_client.rb'
+require 'optparse'
+
+@options = {}
+
+OptionParser.new do |opts|
+  opts.on("-id", "--id", "Bulletin ID") do |id|
+    @options[:id] = id
+  end
+end.parse!
+
+bulletin_id =  @options[:id]
+api_client = MicrosoftCvrfClient.new
+
+bulletin_response = api_client.get_id(bulletin_id)
+
+cves_and_threat_strings = api_client.cves_and_threat_strings(bulletin_response)
+
+cves_and_threat_strings.each do |cve, threat_strings|
+  puts "CVE: #{cve}"
+  puts "-------------------"
+  puts "THREAT_STRINGS: #{threat_strings}"
+  puts "-------------------"
+end
diff --git a/tools/microsoft/microsoft_cvrf_client.rb b/tools/microsoft/microsoft_cvrf_client.rb
index d6311ea..1243b69 100755
--- a/tools/microsoft/microsoft_cvrf_client.rb
+++ b/tools/microsoft/microsoft_cvrf_client.rb
@@ -33,13 +33,33 @@ class MicrosoftCvrfClient
   end
 
   def get_id(id)
-    p "Now checking #{id}"
-    p "------------------"
-    result = api_instance.cvrf_id_get(api_version, api_key, id)
-    p result
+    api_instance.cvrf_id_get(api_version, api_key, id)
   rescue OpenapiClient::ApiError => e
     puts "Exception when calling DefaultApi->cvrf_id_get: #{e}"
   end
+
+  # response from get_id()
+  def cves_and_threat_strings(response)
+    response.vulnerability.map do |vuln| 
+      threat_string = get_threat_string_for_vuln(vuln)
+      split_t_string = split_threat_string(threat_string)
+      #hashed_string = split_threat_string_to_hash(split_t_string)
+      [ vuln.cve, split_t_string ]
+    end
+  end
+
+  def get_threat_string_for_vuln(vuln)
+    vuln.threats.select { |t| t.type == 1 }.first.description.value
+  end
+
+  def split_threat_string(threat_string)
+    threat_string.split(";")
+  end
+
+  # doesnt work
+  def split_threat_string_to_hash(split_threat_string)
+    Hash[*split_threat_string.flatten]
+  end
+
 end
 
-c = MicrosoftCvrfClient.new