SoylentNews is people

posted by martyb on Sunday October 16 2016, @09:47AM
from the some-folks-don't-need-flexibility,-apparently dept.

The Register reports

Redmond kicks off the era of the force-fed security update

Microsoft is kicking off a controversial new security program this month by packaging all of its security updates into a single payload.

The October security release introduces Redmond's new policy of bundling all security bulletins as one download. While more convenient for end users, who now get just one bundle, the move will irk many administrators, who had preferred to individually test and apply each patch to avoid compatibility problems.

Krebs on Security notes

Microsoft: No More Pick-and-Choose Patching

Starting this month, home and business Windows users will no longer be able to pick and choose which updates to install and which to leave for another time. For example, I've often advised home users to hold off on installing .NET updates until all other patches for the month are applied--reasoning that .NET updates are very large and in my experience have frequently been found to be the source of problems when applying huge numbers of patches simultaneously.

But that cafeteria-style patching goes out the...err...Windows with this month's release.

[...] Microsoft's patch policy changes are slightly different for home versus business customers. Consumers on Windows 7 Service Pack 1 and Windows 8.1 will henceforth receive what Redmond is calling a "Monthly Rollup," which addresses both security issues and reliability issues in a single update. The "Security-only updates" option--intended for enterprises and not available via Windows Update--will only include new security patches that are released for that month.

What this means is that if any part of the patch bundle breaks, the only option is to remove the entire bundle (instead of the offending patch, as was previously possible). I have no doubt this simplifies things for Microsoft and likely saves them a ton of money, but my concern is this will leave end-users unable to apply critical patches simply due to a single patch breaking something.

[...] The smartest option is probably to ditch [Adobe Flash] once and for all and significantly increase the security of your system in the process. I've got more on that approach (as well as slightly less radical solutions) in A Month Without Adobe Flash Player.

[...] Finally, Adobe released security updates that correct a whopping 71 flaws in its PDF Reader and Acrobat products. If you use either of these software packages, please take a moment to update them.

Has this change in method and control altered the thinking of any Soylentils WRT their choices of software supplier?
Now for the biggie: Has anyone convinced his boss to depart the Redmond path?

Previous: Windows 7 and 8.1 Moving to Windows 10’s Cumulative Update Model


  • (Score: 0, Informative) by Anonymous Coward on Sunday October 16 2016, @09:30PM (#414956)

    They eventually put out an update to the Windows updater that could be user-installed, and should supposedly fix the problem,

    But don't mention KB3161647 or KB3163023 or anything, because that would be far too helpful.

    Please give a long winded unhelpful anecdote instead.

  • (Score: 2) by Marand (1081) on Sunday October 16 2016, @09:49PM (#414972)

    Looks like it helped bring attention to it, so I guess it did help after all. FWIW, I had to download a standalone update so I wasn't aware of a KB number to list. Plus this was months ago and an OS I infrequently use; expecting me to memorise that shit is as silly as me expecting you to remember who committed specific patches to Debian during a random discussion.

    • (Score: -1, Troll) by Anonymous Coward on Sunday October 16 2016, @10:26PM (#414994)

      OK let me explain the fix without using numbers. The version of Windows Update Client released in March was buggy, and Microsoft did put out a new version of Windows Update Client in June which fixed the problem of long update scan times, but the fix was hidden inside a large optional update.

      Of course the comment which mentioned the KB numbers is modded down since we're all penguin loving Linux fanatics around here and nobody should need to fix Windows because nobody uses Windows for any reason ever.

      • (Score: 2) by Marand (1081) on Sunday October 16 2016, @11:50PM (#415014)

        > OK let me explain the fix without using numbers. The version of Windows Update Client released in March was buggy, and Microsoft did put out a new version of Windows Update Client in June which fixed the problem of long update scan times, but the fix was hidden inside a large optional update.

        I just checked and that June one that "fixed the problem" was distributed in that "update rollup" they released. That's the one I tried that informed me that I wasn't using Win7 SP1 (when I was), and thus refused to install. Which was kind of the point of the story, that Microsoft's entire update process can get so massively buggered that it can't even install the update required to fix the update system.

        > Of course the comment which mentioned the KB numbers is modded down since we're all penguin loving Linux fanatics around here and nobody should need to fix Windows because nobody uses Windows for any reason ever.

        More likely because of the tone of the comment than the fact that it's about Windows. Giving useful info doesn't give free license to be a shithead.

        • (Score: 0, Touché) by Anonymous Coward on Monday October 17 2016, @01:45AM (#415046)

          > More likely because of the tone of the comment than the fact that it's about Windows. Giving useful info doesn't give free license to be a shithead.

          You found the time to write a lengthy post containing your life story, but you couldn't find the time to locate the knowledge base page for an update that you installed recently, forcing anyone who read your worthless post to go find it themselves with no hint of which update it was. Your life story was obviously more valuable because you are a very important asshole. Fuck you.