Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Why you should worry about Windows 10 cumulative updates

Batu69

By Batu69
in Software News

Recommended Posts

Batu69

Batu69

Posted
Posted

As long as it works, Microsoft's cumulative patching sounds fine -- but a single screw-up could have ongoing repercussions

Yesterday, Blair Hanley Frank from IDG News Service reported on an interview with Windows VP Joe Belfiore, describing Microsoft’s continued refusal to break apart Windows 10 cumulative updates. He quotes Belfiore:

We've involved a lot of companies and real-world IT management organizations in talking through the implications ... and our feeling talking with them is that the net result that you get is better… We've seen lots of examples of situations where end users experienced lower reliability or unpredictable system performance because of a relatively untested combination of updates. So our net intent is to improve the quality overall, for everybody. And we believe that this method will deliver that.

While Microsoft’s intentions are laudable (in some respects), they’re entirely dependent on one important point: In order for this to work, Microsoft must deliver patches for Windows 10 that are a lot better than the ones we've seen for every earlier version of Windows.

With eight Cumulative Updates for Windows 10 now under our belts, I think we can draw a few conclusions and point to several examples of how this decision may play out.

In case you wondered, I think rapid-fire cumulative patching is a bad idea -- and a few thousand people who signed last week’s petition asking for more transparency and better blocking tools likely agree. I’ve kvetched at length about Windows 10’s stealthy patches, always hoping Microsoft would see the light. Apparently that won't be the case anytime soon.

Here’s my informal tally of the Cumulative Updates

  • Aug. 5, CU 1 = KB 3081424
  • Aug. 12, CU 2 = KB 3081436
  • Aug. 14, CU 3 = KB 3081438
  • Aug. 18, CU 4 = KB 3081444
  • Aug. 27, CU 5 = KB 3081448
  • Sept. 8, CU 6 = KB 3081455
  • Sept. 15, CU 6.1 = KB 3095020 for Russian, Bulgarian, Uzbek, Kyrgyz, Mongolian, and Tajik locale tags
  • Sept. 30, CU 7 = KB 3093266
  • Oct. 13, CU 8 = KB 3097617, revised on Oct. 16

Most of those Cumulative Updates arrived with absolutely no description. KB 3081444 (CU 4), we’re told, includes the IE security fix described in MS15-093. KB 3081455 (CU 6) contains the varied patches described in MS15-094, MS15-095, MS15-097, MS15-098, MS15-101, MS15-102, and MS15-105. KB 3097617 (CU 8 ) contains the changes in MS15-106. That's all we know.

There have been several recent Windows 10 patches that aren’t Cumulative Updates: KB 3087040 fixed Flash in IE (my main production system shows KB 3087040 was installed two different times on Sept. 22, twice on Sept. 23, one more time on Oct. 1, and again on Oct. 13). There was a presumably different individual patch for Flash in IE and Edge, KB 3105216, on Oct. 19.

All told, we have eight cumulative updates since July 29, one stunted CU that only applies to eastern European locales, and two individual updates for IE and Edge. One of the individual updates was installed on my main machine six times, although the official Microsoft patch log lists it as going out only once, on Sept. 21.

Here’s the problem: As long as all of the patches work reasonably well, grouping together security patches with performance tweaks, bug fixes, other modifications, and the proverbial electronic kitchen sink doesn’t present a problem. However, when one of the component patches heads south, the whole house of cards can fall.

So far, the record has been clean. We’ve seen complaints galore, of course. Each CU was accompanied by a loud chorus of cries from Windows 10 customers who were sent into endless reboot loops, crashes, and lock-ups of various sorts. But for most people, most of the time, the CUs installed and worked.

What happens if/when we get a real stinker of a patch? What if, say, the fix for MS15-095 suddenly starts crashing enormous swathes of machines? Will Microsoft re-release the Cumulative Update for everybody, again and again, until it gets it right?

If my production machine is any indication, that seems to be exactly what happened with KB 3087040. In this one instance, it took Microsoft six tries over the course of three weeks to get it right. Take a look at your machines and see what you find.

Fortunately, KB 3087040 was a stand-alone patch, and Microsoft could re-release it with impunity. What happens if we hit an analogous situation with Cumulative Updates? Will we see a slightly tweaked Cumulative Update rolled out six times in three weeks?

Windows has had cumulative updates for years, even decades. They’ve typically focused on one particular technology: USB devices, for example, or time zones or Visual Basic. They’re invariably a roll-up of tested and proven patches, made available in one update for convenience. That’s not what we’re dealing with here. The Windows 10 Cumulative Updates are largely undocumented blobs of mixed patches delivered without warning.

The one disastrous cumulative update I can recall was Windows 8.1 Update 1. Yes, it was a Cumulative Update -- one that wasn't well received. Microsoft spent months forcing that update down the Windows user base’s collective throats, finally pulling back on its draconian deadline in the face of waves of customers who couldn’t match Microsoft’s pie-in-the-sky pace.

Cumulative updates work great as long as the patches themselves work reasonably well. If one of them breaks, there’s no telling what will happen. The situation is made substantially more difficult if we don’t know what’s in the specific update.

Perhaps you're ready to trust Microsoft's newfound patching prowess. Time will tell.

Source

Link to comment
Share on other sites
  • Replies 7
  • Views 1.3k
  • Created
  • Last Reply
straycat19

straycat19

Posted
Posted

The phallacy (spelling intentional) in trusting these cumulative updates is any changes made, ie not installing a certain update, or blocking something done by an update, is automatically overwritten everytime an update is released because the are installed again. If I were running Windows 10 I think I would just wait 2-3 years and then install the current cumulative update. I've mentioned before that I have seen Windows 7 systems that have never had an update installed since SP1 (thought there were over 300 downloaded waiting to be installed) and the system had never been compromised or infected with malware (in which case this would have been caught earlier).

Link to comment
Share on other sites
BALTAGY

BALTAGY

Posted
Posted

The phallacy (spelling intentional) in trusting these cumulative updates is any changes made, ie not installing a certain update, or blocking something done by an update, is automatically overwritten everytime an update is released because the are installed again. If I were running Windows 10 I think I would just wait 2-3 years and then install the current cumulative update. I've mentioned before that I have seen Windows 7 systems that have never had an update installed since SP1 (thought there were over 300 downloaded waiting to be installed) and the system had never been compromised or infected with malware (in which case this would have been caught earlier).

That exactly what i'm saying, i never updated my system if there's no problem, i never updated my Win7 and now i'm using Win8.1 update 1 and i'm lazy to update it to update 3 and i have no problem at all and i think i will keep with update 1 until i go to Win10 later when they finish all these updates

So i saved too many bandwidth with all these updates, i have never got infected, i keep testing my portables daily, i never got hacked or anything, i never got a problem that any update can fix it

If you have no problem there's no need to update in my personal opinion :)

Link to comment
Share on other sites
steven36

steven36

Posted
Posted

Windows 10 want never be finished and if you do one update you do them all .... If you run this O/S you're better off using a FW to block what you don't want it to call out , If you wait tell SR1 to install windows 10 you will get every single update out so far . Only way to stop windows 10 to fully stop updating is disable or block the update service. Its not like older windows. If you don't update Windows 10 you don't get needed bug fixes . Its not like Windows 7 were I had to run around looking for hot fixes for stuff they not put on windows update yet.

Windows 10 is a different kind of operating system for Microsoft. In years previous, Microsoft updated its operating systems at a snail’s pace. It would release a new version, then add in small fixes to address issues that users reported. Once stable enough, Microsoft would forget about adding new features and move on to developing its next operating system update.

Windows 10 problems were pretty big early on. Microsoft has deployed feature fixes at least once a month since the operating system launched. These patches make the operating system more stable and address the issues that users have reported. Memory leaks, failed start-ups, app crashing and Start Menu stability are all things that have improved in Windows 10 since I encouraged users to hold off on upgrading. Downloading the free Windows 10 upgrade is now something you can do without fear you’ll completely wreck your PC. I don’t think that was true for everyone immediately after launch.

If you do run into a problem there’s now roughly three months of knowledge base articles and Microsoft Answers posts to help you quickly troubleshoot that issue.

https://www.gottabemobile.com/2015/10/19/its-safe-to-get-the-free-windows-10-upgrade-now/


I installed every update on Windows 7 and 8.1 for for years and never had no problem tell they started adding spy and nagging updates . Now I simply install all updates but these . People make a big deal out these updates when there not a big deal they cant add nothing to you're machine you can't block with a firewall You are the master of you're own destiny Get a good firewall this will solve most of you're problems with windows . :lol:

Most people who had problems with windows 10 updates were not because they pushed out botched updates . It was other things that caused it like incompatible drivers ,3rd party start menus can cause it and you need to run a SFC scan to fix it , also not checking give me updates for other Microsoft products even if you don't have office caused errors its best to check this box. i read a lot . ;)

What would be the purpose of not installing updates on windows 10? Its not been around for years like windows 7 and got stable and since its not going be like other O/S were production stops you're going to need to install updates , I don't advise not doing security updates in windows 7 or windows 8.1 ether . I don't have faith that any anti-malware program can protect you 100% so we need all the help we can get.


DTL Antivirus testing proves two things
1. That and antivirus alone don't work 100%
2. That patching + antivirus works much better

Patching works
Using Windows Update regularly massively increases the level of protection. Microsoft’s anti-malware
product plus Windows Updates achieved a 99 per cent protection rate.


PDF
http://dennistechnologylabs.com/reports/s/a-m/2015/DTL_2015_AR.pdf

Link to comment
Share on other sites
BALTAGY

BALTAGY

Posted
Posted

Windows 10 want never be finished and if you do one update you do them all .... If you run this O/S you're better off using a FW to block what you don't want it to call out , If you wait tell SR1 to install windows 10 you will get every single update out so far . Only way to stop windows 10 to fully stop updating is disable or block the update service. Its not like older windows. If you don't update Windows 10 you don't get needed bug fixes . Its not like Windows 7 were I had to run around looking for hot fixes for stuff they not put on windows update yet.

Windows 10 is a different kind of operating system for Microsoft. In years previous, Microsoft updated its operating systems at a snail’s pace. It would release a new version, then add in small fixes to address issues that users reported. Once stable enough, Microsoft would forget about adding new features and move on to developing its next operating system update.

Windows 10 problems were pretty big early on. Microsoft has deployed feature fixes at least once a month since the operating system launched. These patches make the operating system more stable and address the issues that users have reported. Memory leaks, failed start-ups, app crashing and Start Menu stability are all things that have improved in Windows 10 since I encouraged users to hold off on upgrading. Downloading the free Windows 10 upgrade is now something you can do without fear you’ll completely wreck your PC. I don’t think that was true for everyone immediately after launch.

If you do run into a problem there’s now roughly three months of knowledge base articles and Microsoft Answers posts to help you quickly troubleshoot that issue.

https://www.gottabemobile.com/2015/10/19/its-safe-to-get-the-free-windows-10-upgrade-now/

I installed every update on Windows 7 and 8.1 for for years and never had no problem tell they started adding spy and nagging updates . Now I simply install all updates but these . People make a big deal out these updates when there not a big deal they cant add nothing to you're machine you can't block with a firewall You are the master of you're own destiny Get a good firewall this will solve most of you're problems with windows . :lol:

Most people who had problems with windows 10 updates were not because they pushed out botched updates . It was other things that caused it like incompatible drivers ,3rd party start menus can cause it and you need to run a SFC scan to fix it , also not checking give me updates for other Microsoft products even if you don't have office caused errors its best to check this box. i read a lot . ;)

What would be the purpose of not installing updates on windows 10? Its not been around for years like windows 7 and got stable and since its not going be like other O/S were production stops you're going to need to install updates , I don't advise not doing security updates in windows 7 or windows 8.1 ether . I don't have faith that any anti-malware program can protect you 100% so we need all the help we can get.

DTL Antivirus testing proves two things

1. That and antivirus alone don't work 100%

2. That patching + antivirus works much better

Patching works

Using Windows Update regularly massively increases the level of protection. Microsoft’s anti-malware

product plus Windows Updates achieved a 99 per cent protection rate.

PDF

http://dennistechnologylabs.com/reports/s/a-m/2015/DTL_2015_AR.pdf

For me User is more important than updates with Antivirus, how you use your system or internet can make you get infected or not, since i start to use the computer as i remember was windows 3.11 or something lol i get infected at first and it's all my fault, i been running untrusted files from untrusted sources for testing, but starting from Win95 i never update my system and never got infected, i only update when new system come up just because i got bored from the old one lol

I been turning off my Windows Update service since Win7 and never needed to update my system to fix anything, but you do that if you know what are you doing and what exactly you need

And i agree with you about get the bug fixes via update but only if these bugs effect you, some bugs i can't see it because i don't use some stuff like Metro apps personally i disable it, if the bugs don't effect me then it's all good :)

Link to comment
Share on other sites
steven36

steven36

Posted
Posted

For me User is more important than updates with Antivirus, how you use your system or internet can make you get infected or not, since i start to use the computer as i remember was windows 3.11 or something lol i get infected at first and it's all my fault, i been running untrusted files from untrusted sources for testing, but starting from Win95 i never update my system and never got infected, i only update when new system come up just because i got bored from the old one lol

I been turning off my Windows Update service since Win7 and never needed to update my system to fix anything, but you do that if you know what are you doing and what exactly you need

And i agree with you about get the bug fixes via update but only if these bugs effect you, some bugs i can't see it because i don't use some stuff like Metro apps personally i disable it, if the bugs don't effect me then it's all good :)

Thing about Windows 10 there's no way to install just certain updates to make the O/S more stable or secure its all or nothing. If you have not caught a Virus since windows 95 and never caught a virus you're doing better than most people.

XP was so bad back in the early 2000s most people got infected in about 20 minutes Before they could get windows updates to protect themselves .

As the SANS Institute notes, 20 minutes is not long enough to update your Windows PC before it is too late. If you take a new PC out of the box, plug it in to the Internet, and power it on, most people (most people? OK - a lot of people. Uh, alright - some people. Erm ... *sigh*. A few people. Happy?) know enough to immediately hie thee over to Windows Update and get the latest patches from Microsoft. Then reboot. And get more patches. And reboot. Ad infinitum. Oh, and don't leave out the latest anti-virus updates either. Gotta have those. Oh oh oh - don't forget Windows XP Service Pack 2, the gotta-have update from Microsoft, which "may be as small as 70 megabytes (MB) or as large as 260 MB".

Article on XP from 2004 Infected in 20 minutes

http://www.theregister.co.uk/2004/08/19/infected_in20_minutes/

Back in those days Antivirus was not very good, so you could get infected easy even if you had one . It was not tell they made SP2 with a better built in Firewall that Virus slowed down any.

For me ether Antivirus or patching has got much better .Because every since I stop using x86 XP I had no trouble at all. I used Kaspersky the last 5 out of 10 years I was on XP and it kept me pretty well protected .

Link to comment
Share on other sites
BALTAGY

BALTAGY

Posted
Posted

For me User is more important than updates with Antivirus, how you use your system or internet can make you get infected or not, since i start to use the computer as i remember was windows 3.11 or something lol i get infected at first and it's all my fault, i been running untrusted files from untrusted sources for testing, but starting from Win95 i never update my system and never got infected, i only update when new system come up just because i got bored from the old one lol

I been turning off my Windows Update service since Win7 and never needed to update my system to fix anything, but you do that if you know what are you doing and what exactly you need

And i agree with you about get the bug fixes via update but only if these bugs effect you, some bugs i can't see it because i don't use some stuff like Metro apps personally i disable it, if the bugs don't effect me then it's all good :)

Thing about Windows 10 there's no way to install just certain updates to make the O/S more stable or secure its all or nothing. If you have not caught a Virus since windows 95 and never caught a virus you're doing better than most people.

XP was so bad back in the early 2000s most people got infected in about 20 minutes Before they could get windows updates to protect themselves .

As the SANS Institute notes, 20 minutes is not long enough to update your Windows PC before it is too late. If you take a new PC out of the box, plug it in to the Internet, and power it on, most people (most people? OK - a lot of people. Uh, alright - some people. Erm ... *sigh*. A few people. Happy?) know enough to immediately hie thee over to Windows Update and get the latest patches from Microsoft. Then reboot. And get more patches. And reboot. Ad infinitum. Oh, and don't leave out the latest anti-virus updates either. Gotta have those. Oh oh oh - don't forget Windows XP Service Pack 2, the gotta-have update from Microsoft, which "may be as small as 70 megabytes (MB) or as large as 260 MB".

Article on XP from 2004 Infected in 20 minutes

http://www.theregister.co.uk/2004/08/19/infected_in20_minutes/

Back in those days Antivirus was not very good, so you could get infected easy even if you had one . It was not tell they made SP2 with a better built in Firewall that Virus slowed down any.

For me ether Antivirus or patching has got much better .Because every since I stop using x86 XP I had no trouble at all. I used Kaspersky the last 5 out of 10 years I was on XP and it kept me pretty well protected .

What makes me really angry is if i want to install an old driver that you can only update it via Windows update i will have to install all updates, that's a very stupid idea from Microsoft :angry:

Link to comment
Share on other sites
steven36

steven36

Posted
Posted

You can install and old driver you can turn off Driver updates in windows 10 I don't use the drivers from Microsoft they mess up my PC . I tested 3 different Display drivers in Windows 10 today and 14.502.1014.1001 work better for me than the new 15.200 x series for windows 10 ;)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...