Microsoft’s problem isn’t how often it updates Windows—it’s how it develops it

[nir]

Buggy updates point at deeper problems.

It's fair to say that the Windows 10 October 2018 Update has not been Microsoft's most successful update. Reports of data loss quickly emerged, forcing Microsoft to suspend distribution of the update. It has since been fixed and is currently undergoing renewed testing pending a re-release.
 

This isn't the first Windows feature update that's had problems—we've seen things like significant hardware incompatibilities in previous updates—but it's certainly the worst. While most of us know the theory of having backups, the reality is that lots of data, especially on home PCs, has no real backup, and deleting that data is thus disastrous.

Windows as a service

Microsoft's ambition with Windows 10 was to radically shake up how it develops Windows 10. The company wanted to better respond to customer and market needs, and to put improved new features into customers' hands sooner. Core to this was the notion that Windows 10 is the "last" version of Windows—all new development work will be an update to Windows 10, delivered through feature updates several times a year. This new development model was branded "Windows as a Service." And after some initial fumbling, Microsoft settled on a cadence of two feature updates a year; one in April, one in October.
 

This effort has not been without its successes. Microsoft has used the new model to deliver useful new features without forcing users to wait three years for a new major version upgrade. For example, there's a clever feature to run Edge seamlessly in a virtual machine to provide greater protection from malicious websites. The Windows Subsystem for Linux (WSL), which equips Windows systems to run Linux software natively, has proven a boon for developers and administrators. The benefits for pure consumers may be a little harder to discern—though VR features compatible with SteamVR, improved game performance, and a dark theme, have all been nice additions. While the overall improvements are smaller, the current Windows 10 is certainly better than the one released three years ago.

 

This is a good thing, and I'd even argue that some parts of it could not have been done (or at least, could not have been done as successfully) without Windows as a Service. WSL's development, for example, has been guided by user feedback, with WSL users telling Microsoft of incompatibilities they've found and helping the company prioritize the development of new WSL features. I don't believe WSL could have received the traction it has without the steady progress of updates every six months—nobody would want to wait three years just to get a minor fix so that the package they care about runs properly. Regular updates reward people for reporting bugs, because they can actually see those bugs resolved in a timely manner.
 

The problem with Windows as a Service is quality. Previous issues with the feature and security updates have already shaken confidence in Microsoft's updating policy for Windows 10. While data is notably lacking, there is at the very least a popular perception that the quality of the monthly security updates has taken a dive with Windows 10 and that installation of the twice-annual feature updates as soon as they're available is madness. These complaints are long-standing, too. The unreliable updates have been a cause for concern since shortly after Windows 10's release.
 

The latest problem has brought this to a head, with commentators saying that two feature updates a year is too many and Redmond should cut back to one, and that Microsoft needs to stop developing new features and just fix bugs. Some worry that the company is dangerously close to a serious loss of trust over updates, and for some Windows users, that trust may already have been broken.
 

These are not the first calls for Microsoft to slow down with its feature updates—there have been concerns that there's too much churn for both IT and consumer audiences alike to handle—but with the obvious problems of the latest update, the calls take on a new urgency.

It's not how often, it's how
 

But saying Microsoft should only produce one update a year instead of two, or criticising the very idea of Windows as a Service, is missing the point. The problem here isn't the release frequency. It's Microsoft's development process.
 

Why is it the process, and not the timeframe, that's the issue? On the release schedule front, we can look at what other software does to get a feel for what's possible.
 

Two updates a year is more frequent than macOS, iOS, and Android, so in a sense Microsoft is attempting to overachieve.

But it's not unprecedented: Ubuntu sees two releases a year, and Google's Chrome OS, like its Chrome browser, receives updates every six weeks. Beyond the operating system space, Microsoft's Office Insider program has a monthly channel that delivers new features to Office users each month, and it manages to do so without generating too many complaints while delivering a steady trickle of new features and fixes. The Visual Studio team similarly produces frequent updates for its development environment and online services. Clearly, there are teams within Microsoft that have adapted well to a world in which their applications are regularly updated.
 

Move beyond the world of on-premises software and into online and cloud services, and we see, both within Microsoft and beyond, increasing adoption of continuous delivery. Each update made to a system is automatically deployed onto production servers once it's passed sufficient automated testing.
 

It's true that none of these projects is as complicated at Windows. Ubuntu may contain a more diverse array of packages, but it benefits from many of these packages being developed as independent units anyway. Windows does, of course, contain many individual components, and Microsoft has done a lot of work to disentangle these. But the fact remains that its scale is unusually large—and unusually integrated. Windows is also, at least in places, extremely old.
 

These factors certainly make developing Windows challenging—but so challenging as to make two releases a year impractical? That's not clear at all. It just needs the right development process. [...]

Read the long full article at the source page.

Source

[steven36]

Ubuntu back ports updates from upstream Debian , Linux Kernel   and other projects  that has been tested by different  teams ..  Things they change then there teams test it they have a daily image iso  they test it almost 8 months  they dont vote on witch bugs  that need fixing based on a feedback app   they fix any bugs they find   ..  Ubuntu has lots of bugs they have to deal with  each desktop environment  will have certain bugs that need fixed . They still release update packages never cumulative ones  on live updates  and update could arrive at any hour of the day , or once a day  or a few times a week updates kind get slow around the holidays .

 

As far LTS releases they get very little software changes so most of the updates are security updates only some software like browsers  and email clients gets updated a lot because they full of security bugs.

 

Windows problem is they laid off there paid testers and there closed source so no one can read the code to see whats wrong with it,  there depending on consumers  who know nothing about coding software and even if they did know how to read code they have no access too it. so most all bugs are being found in the wild  , they join insiders so they can get versions faster not to test .   The bug that deleted peoples files in the Oct update had been reported mouths before by some insiders that are finding bugs in the wild but they didn't receive enough votes to fix the bugs. 

 

But comparing windows 10  with Ubuntu you got to be joking . Out of all the Linux distros  that serve enterprise and consumers only do Ubuntu give you the same thing for all users . Susie  Enterprise paid is different than  Susie for consumers.. RED Hat is not the same as Cent OS witch is there fork for consumers are people who dont want to pay and this  is why Ubuntu server is the most used OS in the server world.  Arch cant even be trusted in a production environment its just so elitist can brag about how smart they are because they got a bunch of unstable packages running .

 

Well Windows 10 for Consumers is not far off from Manjaro aka Arch for Dummies and other rolling releases . Only stable Windows 10 is LTSB for paid enterprise  and the only Stable Linux is LTS  free to everyone. So i dont agree  with them that the latest version of Windows 10 is the best   after some updates to fix the bugs LTSB is... Same as people who run Ubuntu  LTS  the 1st version  is  really beta , so  really its best to wait tell it gets a point release are two and gets stable and  upgrade then ,  but Microsoft dont give consumers this choice . That's the way Windows 10 was designed is for the consumer to be labrats . The release Ubuntu  releases every 7 mths is not considered stable, its for people who want to test new features and software  . And LTS never comes out on Ubuntu auto updates as a choice tell the 1st point release comes out. They recommend   you not use them unless you like living on the edge a little.

 

Microsoft and Apple both  let companies delay installing updates until they’re better tested by consumers.   The old way Windows done it, was much better because they released like   1-3 point releases in 10 years for everyone. XP had the most they had 3 SP before.   They been 8 versions  of Windows 10 so far  and 2 LTSB versions.  All Windows  versions was full of bugs on day 1 they was released to the public  .

[sefton22]

My suggestion a while back was to revert back to offline updates. since win xp, i've had numerous updates fail due to file corruption, windows update crashes, hardware and software incompatibility (when there wasn't one), updates hanging during an update...the list could go on and on. i waiting nearly a year to have another go at win10 due to Windows Defender quarantining most programs as malware, but we are back to the same bug ridden flaws in the Oct update....MS should drop the update sharing option as if one pc gets a corrupt update, everyone else is going to get the same problem

 

MS ditching its own testers (and ignoring known bugs from the fast ring users) could only ever be a bad thing. this will start making people think twice about moving to the next OS released (i know i am), after all, the next one is destined to be a ME/ Vista/ Win8 disaster as their predecessors were well received and no-one really wanted to part company unless they really really had to.

 

with MS is now trying to worm its way into every aspect of peoples lives and with win10 now capable of locking/ unlocking  your pc...this just seems like another way for MS to get you to sign up to use an online login, which doesn't fill me with any confidence. its far too late for MS to muscle in on what people have used and adapted to for years, they should just stick to the basics and get them right instead

[Karlston]

Michael Horowitz's interesting take...

Defending against Windows 10 bug fixes

Software always needs bug fixes. Still, it is widely understood that Windows Update, which installs bug fixes for Windows, is itself dangerous. Too many bug fixes create new problems. It has gotten so bad that every techie paying attention knows to wait before installing the latest "updates." Let someone else experience the inevitable bugs that new fixes create.

 

This reached it apex a few days ago when installing updates to Windows 10 wiped out all your files. Worse still, Microsoft was warned about that problem and ignored the warning. Just disgraceful. Then too, the October round of Windows bug fixes disabled audio for some people and caused some HP computers to crash.

 

How long to wait, is a matter of opinion. Personally, I wait at least 3 weeks before installing any new bug fix. Someone could argue that during these 3 weeks the systems that I manage are vulnerable to the latest flaws which bad guys reverse engineer and begin exploiting pretty quickly. While that is certainly true, there is no single obviously right answer. Any patching schedule entails some risk.

 

At least with Windows 7 and 8, we are in total control of the patching schedule. Windows 10, however, complicates things a lot.

 

Unlike earlier versions of Windows, Windows 10 is totally re-built twice a year. These rebuilt versions are equivalent to what Microsoft used to call a Service Pack. It is a new starting point for the operating system, one that includes both new features and bug fixes. In September 2017 (more or less) Microsoft released the 1709 edition/service pack of Windows 10. In April (more or less) they released the 1803 edition and in October 2018 they released a Windows 10 service pack called 1809.

 

These Windows 10 service pack editions are then supported with bug fixes for perhaps a year or two (I am not sure of the current rules). These bug fixes are released roughly twice a month. For the 1803 edition, the most recent bug fixes were released on October 9th, September 26th, 17th and 11th, August 30th and 14th and July 24th, 16th and 10th.

 

At some point, bug fixes for each Windows 10 Service Pack stop, and users are forced to upgrade to a newer service pack release. This upgrade is a pain; it is time consuming and very much like a total re-install of the system. Many preferences are reset to the way Microsoft wants them, which is often not what the end user wants.

 

Avoiding the upgrade hassle costs money.

 

Microsoft's best customers are rewarded with the least hassle, they only have to install a new service pack edition of Windows 10 every two years. The rest of us are forced to do so more often. Customers that paid more for the Professional edition of Windows 10, can delay the forced install of a new service pack by configuring some system settings. Those who paid less for the Home Edition, have to research hacking the registry, there is no user interface for delaying a new service pack.

 

The more money you give Microsoft, the better you get treated.

 

FIND THE POPES IN THE PIZZA

 

In Windows 10 Professional, the user interface for delaying bug fixes and service packs is about as confusing as it could possibly be. In my opinion, this is not an accident, I feel that the user interface was purposely designed to trick as many people as possible into not delaying anything. In this regard, I regard Microsoft as the enemy, not the friend of Windows users. Too extreme? Read on.

 

Anyone using Windows has logged on to the operating system with a userid/password. There are two important classes of Windows users: administrators and restricted users. Administrators have full run of the place, they can do anything they please (I am simplifying a bit). Restricted users, which Windows 10 refers to as Standard users, are restricted in what they can do.

 

The Defensive Computing approach is to logon as a restricted user. I do so all the time; so too do my clients. It's safer that way. For example, if anything malicious gets onto the computer, it is limited in the damage it can cause. Restricted users see the same system settings as Administrators but should they attempt to do something that can screw up the system, such as stopping a service, disabling a device in Device Manager or installing new software, they have to first provide the password for an Administrator user.

 

That's the way Windows works almost all the time. The one exception is this, delaying the installation of Windows 10 bug fixes and Service Packs. In this case, Restricted/Standard users don't even see the options to delay things. Only when logged on to Windows as an Administrator are the controls described later visible.

 

If you are following along at home, go to System Settings -> Update and Security -> Windows Update (should be the default) -> Advanced Options.

Windows Update Advanced Options for a Restricted/Standard user

Above are the advanced options for Windows Update as shown to a Restricted/Standard user (screen shot from service pack 1709). There is nothing about delaying bug fixes.

 

In contrast, the Advanced Options for Administrators are shown below. There are three options for choosing when updates are installed (which translates to delaying bug fixes).

 

Windows Update Advanced Options for an Administrator class user

DELAY PLEASE

 

The three visible settings have names that make no sense, which I take as evidence that Microsoft wants to shove bug fixes down the throats of their customers.

 

The first setting is branch readiness (see what I mean?) which offers a choice of two branch channels.

 

What is a branch channel? Good question, as the terminology here has changed during the lifetime of Windows 10. Simply put, a branch channel refers to the age of a given Service Pack (1709, 1803, 1809, etc.). One branch channel refers to a new Service Pack, the other to a slightly older one.

 

Each of the branch channels are called Semi-Annual, a reference to the twice-a-year Service Pack releases of Windows 10. One is just plain Semi-Annual, the other adds the word "Targeted". According to Microsoft, the targeted branch channel is for "most people" and the non targeted branch is for "widespread use in organizations." Got that?

 

Translating this doublespeak into English, as best I can, the one for "most people" is newer, the one for "widespread use in organizations" is older. Older Service Packs are more reliable, so this is what I recommend. Non techies, who have not read this article, are used as guinea pigs. They experience the bugs in a new Service Pack, while those of us in the know, wait a while for bugs to be fixed, before installing the same Service Pack.

 

To illustrate, the 1803 service pack of Windows 10 was released to the public (the "most people" branch channel) on April 30, 2018. It was released to the "widespread use in organizations" branch channel about 2.5 months later (July 10,2018). The previous 1709 service pack, was first released October 17, 2017 but not released to the "widespread use in organizations" branch channel until January 18, 2018.

 

When a Service Pack is first released to the public, it is installed on the Home Edition customers. Currently, in October 2018, the 1809 service pack of Windows 10 is being sent to Home Edition users. A Professional edition of Windows 10, that is configured for the "widespread use in organizations" branch channel, will not get the 1809 edition for a few months. This is, perhaps, the best reason to pay more for the Professional edition.

 

Techies saddled with the Home Edition, can easily find instructions online for updating the Windows Registry to enable the same delaying options available in the Professional Edition.

 

The next option is for Feature Updates. What is a Feature Update? It is a Service Pack. Here you can defer the installation of a Service Pack for a certain number of days, up to 365. If you were paying attention, the just-discussed Branch Channel option also delayed the installation of Service Packs. How do these two options relate to each other? Beats me.

 

Also not explained is the exact definition of the number of days. That is, just when does the option for delaying for x days start? When the Service Pack was first released? When it first hit the "widespread use in organizations" branch channel? Today? April Fools day? And, for that matter, to which Service Pack does the delay even apply? On a copy of Windows 10 version 1709, does the delay apply to the 1803 Service Pack or the 1809 Service Pack?

 

None of our business.

 

Whatever the definition, the safest option is to delay it as long as possible.

 

The last option involves a Quality Update. Confused about the term Quality Update? You should be, Microsoft is inconsistent in their terminology. Simply put, a Quality Update refers to bug fixes to a Service Pack. As shown below, in a screen shot of the Microsoft Catalog, these bug fixes are also referred to as Cumulative Updates and Security Updates. The only consistency is the word update, a euphemism for fixing a mistake.

Bug fixes = Quality Update = Cumulative Update = Security Update

We have seen the rise of euphemisms before. George Carlin did a bit about the effect of combat on soldiers. In the first World War, soldiers suffered from shell shock. Simple, honest, direct language. By the second World War, the same condition was called battle fatigue. In the Korean war it was referred to as operational exhaustion and by the Vietnam war it was Post Traumatic Stress Disorder.

 

You may have noticed that I am a shell shock kind of guy. In this article, bug fixes are bug fixes, not updates. Ditto for Service Packs. My intention is to explain, Microsoft's intention is to make Post Traumatic Stress Disorder out of shell shock.

 

Getting back to the main point, the installation of bug fixes to the currently installed Windows 10 Service Pack can be delayed for up to 30 days. I suggest setting this to 30 days.

 

TWO MORE LAND MINES TO AVOID

 

There are still two more Windows Update gotchas to be aware of.

 

The first is that the just-discussed delaying settings are ignored if you explicitly ask Windows to check for updates. This was not always the case, but it is now and Microsoft clearly does not want their customers to know this.

 

Danger! Danger!

This was recently explained by Chris Hoffman of How To Geek who wrote: "When you click the “Check for Updates” button, Microsoft gives you updates early, skipping a normal part of the testing process ... For now, this weirdness with the “Check for Updates” button only applies once every six months when a new major update to Windows 10 is released."

 

He summarized the official Microsoft position as "We encourage you not to click “Check for Updates” unless you're an advanced user who wants the update early."

 

And, making a bad situation worse, Hoffman points out that once Windows Update starts downloading an update, you can not stop it.

 

NO DRIVERS FOR YOU

 

The final defensive step against Windows bug fixes is avoiding driver updates. This is particularly timely as the October 2018 patches included not one, but two bad drivers.

 

There is a way to prevent Windows update from installing new drivers, but it is hidden, even from Administrators. In fact, it is not included in the System Settings at all. Instead, this is controlled with the Local Group Policy Editor. See what I mean about Microsoft being the enemy.

 

The Local Group Policy Editor controls drivers

The procedure is described in detail by Mauro Huculak in How to disable automatic driver updates on Windows 10. In brief, you run gpedit.msc, go to Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update and look for the "Do not include drivers with Windows Update" policy.

 

As with the other Windows Update tweaks, this one too requires Home Edition users to hack away at the registry (the Huculak article has the details).

 

TOO MUCH?

 

Is this too much? Am I over-reacting to the danger of just-released bug fixes?

 

Let's not forget that Windows Update even fails at updating itself.

 

I oversee a number of Windows 7 machines. More than once I have updated a PC with the August 2018 or September 2018 monthly patches only to run Windows Update again, after the last patch was installed and the system rebooted, and find that it wants to install a patch that was first released back in September 2016. This missing patch is to Windows Update itself and without it many people experienced a 0x8000FFF error. Then, when Microsoft tried to fix this, they screwed that up too. And, back to euphemisms, rather than fixing a bug in Windows Update, Microsoft released a Servicing Stack Update. Shell shock.

 

Mary Jo Foley has covered Microsoft for ZDNet for years. She clearly has her ear to the ground. What does she, herself, do? On October 10th, she wrote:

"Even after the first two or three or four cumulative updates roll out for a new feature update, I am still leery about putting it on my PC. I know these releases have gone through testing internally at Microsoft and externally through the Insider program, but they still inevitably cause various compatibility and other issues for users right out of the gate. And I just don't have the time, or in many/most cases, the knowledge, to fix what breaks."

 

Translating: The term "cumulative update" refers to the twice-a-month bug fixes to a Service Pack. A "feature update" is a Service Pack. In essence she is warning us to be wary of new Service Packs and wait as long as possible before installing them.

 

And, after I thought I was finished writing this article, along came Gregg Keizer in Computerworld with Critics warn Microsoft it needs to fix broken update process. Keizer writes that "Calls for Microsoft to improve the quality of its upgrades and updates have been building for some time" and notes that many people attribute Microsoft's 2014 dismissal of internal testers to the decline in quality. Along those lines is the latest Windows Update disaster, the installation of the 1809 Service Pack deleting users' files. The bug was reported to Microsoft, and ignored. It was such a disaster, that Microsoft stopped the rollout of the 1809 Service Pack.

 

Here are some points made by experts in the article.

• Long-time Windows-watcher Ed Bott said, in regard to the withdrawl of the 1809 Service Pack, "it raises the question of whether the company is moving too fast and breaking too many things in the process"
• Susan Bradley, an expert on Windows patches, surveyed her fellow IT professionals and reported how dissatisfied they were with the Windows patching process, in particular with the quality (too many bugs/problems). She is quoted saying "Many users and enterprises have lost trust in the entire updating process." And, speaking for IT folks in charge of patching, she warned Microsoft that things can not go on as is.
• Mary Jo Foley suggested that Microsoft should stop releasing new features for a while and focus instead on bug fixes.
• Chris Goettl, product manager with Ivanti, said "If Microsoft wants to continue down this track of the Windows 10 [rapid release] model, its upgrades and updates must be of better quality than they have been."

 

And, the hits keep coming ... Peter Bright of Ars Technica, just today, wrote Microsoft’s problem isn’t how often it updates Windows—it’s how it develops it. Ouch.

 

So, no, I do not think the advice in this article is an over-reaction.

 

By the way, Chromebooks also force Operating System updates on users, but I have yet to hear of an update to ChromeOS causing the type of problems that updates to Windows cause.

 

Source: Defending against Windows 10 bug fixes (Michael Horowitz)