Microsoft flips, then flops, on Windows 10 Fall Update

Microsoft has been pulling strange Windows 10 patching shenanigans over the past week. What's really going on at Redmond?

Microsoft flips, then flops, on Windows 10 Fall Update
Credit: Shutterstock

Late on the afternoon of Friday, Nov. 20, without any announcement or warning, Microsoft pulled the Windows 10 version 1511 bits from its Media Creation Tool site. Prior to the takedown, the MCT would either install or create a file that would let you install Windows 10 version 1511 (a.k.a. Threshold 2, build 10586.0, Fall Update). After the takedown, the MCT would install or let you create a file that would let you install only the old, original "RTM" Windows 10, build 10240.

At the same time, I started seeing more reports that the Windows Update upgrade to Windows 10 build 1511 wasn't available through Windows Update. People on the RTM build couldn't install the Threshold 2 update, and it wasn't being pushed. Microsoft may or may not have pulled the 1511 installer from Windows Update. It's very hard to verify one way or the other because (as best I can tell) none of this is documented.

Ed Bott at ZDNet reported that Microsoft sent him a statement (apparently on Nov. 22):

The November update was originally available via the MCT tool, but we've decided that future installs should be through Windows Update. People can still download Windows 10 using the MCT tool if they wish. The November update will be delivered via Windows Update

This is so incredibly screwed up on so many levels it's hard to know where to start. I wrote about my confusion on Nov. 23.

Then, as suddenly (and surreptitiously) as it started, on Tuesday, Nov. 24, everything went back to precisely the way it was. The Media Creation Tool site would either install or create a file that would let you install Windows 10 version 1511 build 10586.0 (which appears as "OS Build 10586" when you type "winver" in the Cortana search box). The installation and the file were precisely the same as the ones on the morning of Nov. 20 -- no changes at all.

Sometime later on the afternoon/evening of Nov. 24, Microsoft released a third cumulative update for version 1511, KB 3120677, which references another KB article that describes the changes made in CU 3. It says:

Recently we learned of an issue that could have impacted an extremely small number of people who had already installed Windows 10 and applied the November update (Version 1511). When the November update was installed, a few settings preferences may have inadvertently not been retained for advertising ID, Background apps, SmartScreen Filter, and Sync with devices. This issue has been fixed in the update that accompanies KB3120677.

For those customers who previously installed the November update (Version 1511), we are working to help restore their previous settings over the coming days and we apologize for the inconvenience. In the meantime, users interested in checking their settings can find them by going to Settings, then Privacy.

This created even more problems than the "November update will be delivered via Windows Update" post.

Those are the facts. They raise a host of issues.

For starters, Microsoft has been keeping track of those four security settings. If you install build 10568, the four security settings are changed to their default state.

For example, the Advertising ID setting (which I find unnecessarily intrusive), gets switched to "Let apps use my advertising ID for experiences across apps," even if you had previously turned it off. When you install Cumulative Update 3, KB 3120677, Microsoft reaches into its apparently extensive records about your privacy settings and reverts the four settings to whatever they might have been previously. At a minimum, that means Microsoft is keeping tabs on these privacy settings going back several builds. It also hints that Microsoft may have kept historical records on analogous settings (including Advertising ID) for Windows 8.1.

You have to wonder how much information Microsoft maintains on your settings and on other aspects of your machine, not to mention for how long. Telemetry is a slippery slope.

Another example: Why did Microsoft pull version 1511 build 10586, then re-release the identical build, and fix the problem with a Cumulative Update? What bug was so all-fired important for "an extremely small number of people" that it justified yanking build 1511 and changing the update policy, when in the end the mess was solved with a Cumulative Update?

Yet one more example: Why did Microsoft suddenly change its updating method from "use our Media Creation Tool" to "via Windows Update only," then back again three days later?

Bott has a theory, and I think it's valid:

Given the legal restrictions that Microsoft works on worldwide as well as the hits the company has taken in the past few months over privacy in Windows 10, the issue was hypersensitive. That means lawyers were involved, and when the legal team shows up, normal communication grinds to a halt. It also explains why the original statement that Microsoft supplied on Saturday made no sense.

I don't think that's the whole story. I think Microsoft is using those four settings as an excuse for an old-fashioned Keystone Cops patching move -- and Microsoft has had many Keystone reenactments over the years. Is it possible that somebody made a stupid patching decision on Friday -- one that completely changed the company's policy on Windows 10 patching -- and cooler heads didn't prevail until days later? Was the boss on vacation?

If the shenanigans are a cover for a truly boneheaded move, my confidence in Microsoft's ability to patch Windows 10 -- which has never been very high -- took a big nosedive. If not, then what the hell happened?

Someday, maybe we'll get a straight post on the Windows blog. Something like:

There's a bug in the Windows 10 November Update (build 1511) that changes privacy settings for approximately xxx% of all Windows 10 customers who install the November Update. The settings for advertising ID, Background apps, SmartScreen Filter, and Sync with devices were inadvertently set to their old, default values. We're working on a fix, and should have it out in a few days. In the interim, you should check those settings (Start > Settings > Privacy) and make sure they're set the way you want them.

It's simple, straightforward, truthful, with no runaround or CYA.

That, of course, is pure fantasy. Microsoft's corporate culture may have changed a bit, but alas, straight truth isn't in the cards.

Satya Nadella wants us to love Windows. But how can we love something we can't trust?

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.