![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Patch Lady – 31 days of paranoia – day 10
Home › Forums › AskWoody blog › Patch Lady – 31 days of paranoia – day 10
This topic contains 16 replies, has 11 voices, and was last updated by
GoneToPlaid 4 months, 1 week ago.-
AuthorPosts
-
Patch Lady here – I wasn’t going to do a post on Patching with a paranoid theme in mind until later in the month but several articles and the fact tha
[See the full post at: Patch Lady – 31 days of paranoia – day 10]Susan Bradley Patch Lady
8 users thanked author for this post.
-
Speaking of severe action, how going back to employing a separate group of in-house software testers rather than relying exclusively on this release-and-see-what-blows-up approach?
3 users thanked author for this post.
-
You are correct in that there are still good coders working at Microsoft. Too bad they’re not in charge. As long as the quarterly profits keep climbing, there is no reason for Redmond to change their sloppy ways. After all, by the time their big money Enterprise customers receive updates, millions of consumers have painfully found the bugs so MS could fix them. I remember attending a Microsoft sales seminar, over ten years ago, where one of the key messages was to sell by removing pain points that competitor’s products cause. At some point in the future Microsoft will likely see how their current AGILE system worked against them, from the bottom up, when consumer/educational Chromebook users move into management positions and move to eliminate Windows wherever possible. Those kids are growing up today.
GreatAndPowerfulTech
1 user thanked author for this post.
-
In this regard, I face a dilemma. My son relies on a Windows laptop to run a Windows-only program that is central to his fledgling business. Do I give him the tools to block update and tell him to monitor askwoody for advice when to update knowing he is busy and likely to forget. Do I maintain my silence for the sake of his system’s security?
Group A (but Telemetry disabled Tasks and Registry)
Win 7 64 Pro desktop
Win 10 32 Home portable -
Aaaaaaaaaamen. Add Paul Thurrott to the list of voices crying in the wilderness – the Windows Weekly show that he and Mary Jo taped yesterday comes out strongly for a stroke of sanity.
The world’s coming around. Will Microsoft?
-
Why is there a complete disconnect between stock price vs. product quality and the way the company is being run?
Money doesn’t grow on trees. Obfuscation does not a success make.
-Noel
1 user thanked author for this post.
-
From Patch Lady’s post on the Home Page:
My biggest paranoia about patching today is that all of this paranoia about patching is no longer irrational paranoia over immaterial corner cases that the vast majority of people would never hit. My biggest paranoia is that more and more people will stop updating because of the reality that we are seeing.
As the saying goes, “Just because you’re paranoid, doesn’t mean they’re Not out to get you.”
Windows 8.1, 64-bit, now in Group B!
Wild Bill Rides Again... -
anonymousWell said, Susan. I feel exactly the way you do. In the past I have skipped updates as I dreaded more damage being done by Microsoft than the risk they were supposedly trying to protect us from.
-
anonymousYES! This is a post I needed to see today. I admit that I have been even more aggressive in my stance not to update Windows because of the huge mess that is in the Windows patching world. I am honestly far more scared of Microsoft’s own patches than I am with malware exploiting a vulnerability in my system. This is NOT good.
Yet it’s not just me, because I happily update other software openly and freely, like Chrome and Firefox. So if Microsoft could just make trustworthy patches that I knew would not botch my system and that I could rely on my computer working normally tomorrow, then I’d happily patch.
-
Very well said.
From Patch Lady’s post on the Home Page:
My biggest paranoia is that more and more people will stop updating because of the reality that we are seeing.
I no longer use Windows at home, personally. My workplace is covered under Enterprise, so they patch when they decide it’s safe. But my wife’s computers still use Windows 10. I have used Windows for some time, and I am technical enough to know what the Windows message loop is.
I was all set to patch last weekend when I saw the dire warnings/MSDEFCON 1 setting here on askwoody.com. So I didn’t patch. It’s now getting to the point that, between the horrible quality of the patches and the other demands on my time, I might get our Win10 computers patch maybe once every 2-3 months. Thing is, I can’t just sit down and apply patches. The patching procedure is such a chore now (because I have to protect our machines against garbage like last weekend’s fiasco) that that there are some months when I just decide that I have more important things to do.
And I’m technical, and know the risks of not applying security updates. Eventually, I would imagine that we’ll just find a non-Microsoft solution and put an end to the madness.
Group "L": Linux Mint
2 users thanked author for this post.
-
Thing is, I can’t just sit down and apply patches.
…
I have more important things to do.Says it all, really.
And I’m technical, and know the risks of not applying security updates. Eventually, I would imagine that we’ll just find a non-Microsoft solution and put an end to the madness.
Says it all with exclamation points.
Microsoft is either not listening or this outcome is their goal too.
-Noel
1 user thanked author for this post.
-
-
anonymousHow do we know it’s not a “material” amount that was affected by the Documents bug. That group includes both ‘some’ OneDrive users and ‘some’ people with multiple drives who offload Documents to those drives, such as myself. I wasn’t affected since I lurk here. But I heard screams of anguish from folks I indirectly know who run Home and aren’t geeks, who will never post to Microsoft forums, who can’t effect their own repair and who cant afford expensive service depots and are distrustful of them anyway. They will simply dissappear into the ether and suck up the loss of all their precious files. I expect there are a lot of these users but we’ll never know.
-
anonymousSusan your last paragraph hit the nail squarely on the head. We are back to where we were fifteen years ago. This feels more and more like Windows ME every day.
-
anonymousIncreasingly, we are finding downtime to be a serious issue, even (or more so) in SMB environments (without clustered/HA setups). It’s hard to find maintenance time when patches are coming out 3-4 times a day and they mostly require reboots. Running the VMs on Hyper-V absolutely does not help here, since you need to reboot the hypervisor as well, so – everything goes down then.
MS should seriously focus on fixing their servicing stack to get rid of the forced reboots – years and years behind Linux/*nix OS here.
-
anonymousI meant
a daya month obviously (not that bad yet)Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste.
-
-
You are correct in that there are still good coders working at Microsoft. Too bad they’re not in charge. As long as the quarterly profits keep climbing, there is no reason for Redmond to change their sloppy ways. After all, by the time their big money Enterprise customers receive updates, millions of consumers have painfully found the bugs so MS could fix them. I remember attending a Microsoft sales seminar, over ten years ago, where one of the key messages was to sell by removing pain points that competitor’s products cause. At some point in the future Microsoft will likely see how their current AGILE system worked against them, from the bottom up, when consumer/educational Chromebook users move into management positions and move to eliminate Windows wherever possible. Those kids are growing up today.
I disagree with your assertion that Redmond does not need to change their sloppy ways. Microsoft needs to change their sloppy ways, not just in terms of Windows Updates, but in terms of how hackers use fuzzing to find new holes in said Windows Updates since all updates are now left to the individual programmers. Individual programmers are notorious for repeating the same kinds of coding mistakes. In my opinion, Nadella’s firing of the Windows Update Quality Control Team will turn out to be the single greatest mistake for Nadella’s tenure as CEO at Microsoft.
-
AuthorPosts
Comments are closed.
-
-
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced.

Plus Membership
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search The Lounge
Recent Replies
-
anonymous on Cimpanu: The US Govt Accountability Office recommends the US adopt GDPR-like privacy legislation
33 minutes ago -
PaulK on Patch Lady: Still on Win7? Get over it, for security’s sake1 hour, 1 minute ago
-
anonymous on Verizon FIOS upload speed
1 hour, 2 minutes ago -
Elly on Patch Lady: Still on Win7? Get over it, for security’s sake1 hour, 7 minutes ago
-
hmw3 on Tell me the truth – Which is better, Chrome or Firefox?1 hour, 18 minutes ago
-
hmw3 on Patch Lady: Still on Win7? Get over it, for security’s sake1 hour, 19 minutes ago
-
anonymous on Woody’s Windows Watch: Dispatches from the browser-war’s front lines
1 hour, 23 minutes ago -
HH33 on KB3177467 reincarnated?1 hour, 28 minutes ago
-
NetDef on Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it1 hour, 56 minutes ago
-
OscarCP on Verizon FIOS upload speed2 hours, 52 minutes ago
-
Morty on Woody’s Windows Watch: Dispatches from the browser-war’s front lines3 hours, 54 minutes ago
-
Ascaris on Woody’s Windows Watch: Dispatches from the browser-war’s front lines4 hours, 55 minutes ago
-
Peter Haug on Woody’s Windows Watch: Dispatches from the browser-war’s front lines5 hours, 17 minutes ago
-
PerthMike on Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it5 hours, 49 minutes ago
-
Bluetrix on Anomalous, buggy behavior on AskWoody6 hours, 9 minutes ago
-
PKCano on Win10.1809 repair / in-place upgrade failure6 hours, 10 minutes ago
-
Moondoggy on Woody’s Windows Watch: Dispatches from the browser-war’s front lines6 hours, 31 minutes ago
-
Ascaris on LangList: Should you trust a hard drive after a major error?7 hours, 1 minute ago
-
OscarCP on Woody’s Windows Watch: Dispatches from the browser-war’s front lines7 hours, 22 minutes ago
-
OscarCP on Tell me the truth – Which is better, Chrome or Firefox?7 hours, 32 minutes ago
Recent Topics
-
Edge is NOT just Win 10
4 hours, 17 minutes ago
-
Verizon FIOS upload speed
1 hour, 2 minutes ago
-
Win10.1809 repair / in-place upgrade failure
6 hours, 10 minutes ago
-
Unable to run a command in Linux Mint
6 hours, 38 minutes ago
-
Extra system files?
10 hours, 13 minutes ago
-
Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it
1 hour, 56 minutes ago
-
Whatever happened to Opera?
9 hours, 53 minutes ago
-
win 10 backup failure 0x800700E1
9 hours, 43 minutes ago
-
Win 7 to Win 10: 1803 or 1809 or 1903?
11 hours, 55 minutes ago
-
Windows 8.1 Post Patch Maintenance
16 hours, 54 minutes ago
Search for Topics
Recent blog posts
- Server 2016 LTSC patches take for-e-ver. There are numerous reasons why – and not much you can do about it
- Woody’s Windows Watch: Dispatches from the browser-war’s front lines
- LangList: Should you trust a hard drive after a major error?
- Patch Watch: February Patch Tuesday and yet more problems with the new Japanese calendar
- Deanna’s Freeware Spotlight: MultiPack Visual C+ Installer