Batu69 Posted October 20, 2016 Share Posted October 20, 2016 Microsoft switched how updates are delivered to the client operating systems Windows 7 and Windows 8.1 -- and also server operating systems -- in October 2016. Updates were provided as individual patches, and classified as security or non-security updates in the past. This meant that users and administrators could pick what they wanted to install on the system; excellent to avoid any Telemetry updates or other updates designed to introduce unwelcome functionality or changes to the operating system. Also, great for troubleshooting as it meant that you could remove problematic updates while keeping every other update installed. From October 2016, updates are delivered as so-called rollup patches. Microsoft offers a security-only rollup patch which includes only security updates, and a monthly rollup patch which includes security and non-security updates. While the system is not in full swing right now, individual security patch downloads are still available on the Microsoft Download Center, it leaves users and administrators with just three choices: Block all updates. Install only the Security rollup for each month. Install the monthly rollup. So, if users or admins select to install only security rollup updates, they won't get any of the non-security updates. There are two issues with the way these things are handled apart from the obvious one that users won't be able to install feature updates that they want, unless they install any other patch that Microsoft adds to the rollup updates: Will Microsoft separate security and non-security updates strictly? How are fixes for bugs that security updates introduce handled? Clear distinction between security and non-security updates? Security updates should be included in the security rollup for each month, and non-security updates in the monthly rollup. Users who want to keep their system secure can do so in theory by only installing security patches. The past has shown however that Microsoft did include non-security updates in security patches. In March 2016, it released MS16-023 which installed new "Get Windows 10" functionality along with the security fixes. Since it has been done before by Microsoft, there is a possibility that the company will push non-security updates by adding them to the security rollup patch for a given month. To play devils advocate, Microsoft could add Telemetry patches to the security rollup update. This would put users and administrators who install only the security updates in a position that they cannot escape from. Either install the security rollup to keep the system secure but deal with the unwanted patches, or don't and leave the system open to attacks. Fixes for bugs that security updates introduce How will Microsoft handle bugs that are introduced by security updates? Will Microsoft add patches for those bugs to the security rollup of the month, or will it add those only to the monthly rollup update? The former would mean that non-security updates are added to the security rollup update, the latter that users who only install security rollups won't get those patches. The security update MS16-087 introduced a bug that prevented "pushed-printer connections and printer connections from trusted servers from being installed in Point and Print scenarios". If you check the changelog of the November 2016 monthly rollup preview which Microsoft published on Tuesday, you will notice that it includes a fix for that issue. There is a third possibility, but it seems unlikely: Microsoft could update the security patch so that the issue that it introduces gets fixed by it. Now, that does not mean that the update won't be added to the security rollup update for November for affected operating systems. We don't know if that will be the case, but will monitor the situation closely. (via Ask Woody) Article source Link to comment Share on other sites More sharing options...
Ice Frog Posted October 20, 2016 Share Posted October 20, 2016 why introduce bug in first place? Link to comment Share on other sites More sharing options...
straycat19 Posted October 20, 2016 Share Posted October 20, 2016 Quote How will Microsoft fix bugs that security updates introduce? Which is exactly why it is not necessary to install updates. The claims that it fixes your system and makes it more secure is just pure microsoft shit. (I would have said bullshit, but I didn't want to insult the bull.) Since the dawn of windows Microsoft has tried to patch it and only created more holes that need more patches that create more holes. You are better off just installing the latest pure release and not installing updates at all. This works remarkably well in Windows 7 and 8.1. If we consider Windows 10, well you just moved to the Dark Side and there is no help for you. You are destined to spend the rest of your computing life in hell. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.