I've had many requests for a simple rundown on Windows updates. There are so many Windows patches flying around -- many of them poorly documented or not documented at all -- that it's hard to figure out who's on first and what's on second. Here's my Thursday-morning quarterback synopsis of what's been fixed and what still remains to be done, drawing from both Microsoft's official pronouncements and some experience in the trenches.
Windows 10 Anniversary Update -- version 1607
Yesterday's cumulative update, KB 3176938, brought Windows 10 version 1607 up to build 14393.105. Although the official changelog lists nearly a hundred changes, there's very little mention of several showstopper bugs in the Anniversary Update.
It looks like 14393.105 fixes the long-standing disk freeze problem that has bedeviled many systems since AU's release a month ago. Commenters on the Reddit thread on the topic have generally reported that the problem is resolved. The Microsoft Answers forum includes this welcome confirmation:
The Windows Update released on August 31st for Windows 10 includes a fix for this issue. This update is automatically applied when installing the Anniversary Update.
For those of you who use PowerShell's DSC feature, version 14393.105 includes the missing file and DSC now works.
It looks like version 14393.105 also fixes the double-printing bug introduced by Microsoft security patch MS16-098/KB 3176495. It's still early in the morning, but I expect confirmation from Seagull Scientific, one of the companies that got hit by the bug, shortly.
That's the good news. The bad news is that version 1607 has had six cumulative updates -- four since it was released a month ago -- and many of them (including this one) have been massive. That does not speak well for Microsoft QA, especially on a product this important.
Did I mention that there's still no fix for the camera protocol problem that breaks Skype, nor for the bug that BSODs Win10 Anniversary Update systems when you plug in a Kindle? There's also a lengthy Answers Forum thread (and ample anecdotal confirmation from Paul Thurrott and me) about sporadic problems with cut and paste in version 1607.
Bottom line: I still wouldn't stick my least favorite politician with the Anniversary Update. Wait for Microsoft to iron the bugs out.
Windows 10 Fall Update -- version 1511
This is the build I'm using on all of my production PCs. It was last updated on Aug. 9, to build 10586.545.
The Fall Update is also a victim of the double-print bug in security patch MS16-098/KB 3176493. Look for a fix to appear in the next cumulative update -- the 16th cumulative update to version 1511 -- which I expect to see on Sept. 13, this month's Patch Tuesday, although it may appear sooner.
Microsoft has an official Insider Release Preview ring for Windows 10 version 1607 so admins and developers with Win10 products can test their wares before Microsoft unleashes a new build. There's no analogous Preview ring for Win10 version 1511 (one of many flaws in the Insider ring concept). Because there's no Preview ring for the Fall Update, Microsoft has posted a preview of its next patch for version 1511 in the Windows Update Catalog. (At least I think that's what's happening.) Dubbed KB 3186988, Microsoft has said little about the contents of the impending patch, and it isn't available through normal channels.
Windows 8.1, 7 and Vista
Microsoft's doing a little two-step here. The 'Softies know that they introduced the double-printing bug last month with MS16-098/KB 3177725, the security patch that's supposed to fix certain Windows kernel-mode drivers. They have a fix for that bug ready -- but it hasn't been rolled out yet. My guess is that the decibel level of complaints hasn't been high enough to warrant a separate, out-of-band release.
The fix is available for download from the Microsoft Update Catalog, with the patch for Windows 7, 8.1, and the Servers posted on Aug. 23, and the patch for Vista posted on Aug. 30. But it hasn't rolled down the Automatic Update chute yet. (I hesitate to call it a "hotfix" in this state because I don't know how hotfixes fit into the current set of rapidly-changing definitions.)
Right now, Microsoft's in a bit of a quandary with Windows 7 and 8.1. The company broke something with a security patch. Will it fix be fixed with a non-security patch? My guess is the answer's no -- Microsoft is waiting until the September Patch Tuesday security patches hit on Sept. 13, and will roll the fix into the next Windows kernel-mode driver update at that time.
That will give us a security update to a bug introduced by a security update -- but it also introduces a troubling question. When Microsoft's Win7 and 8.1 patching process changes to the new cumulative update method in October, how will we get fixes to bugs introduced by security patches? Will we have to wait an entire month to get a fix for something Microsoft broke?
There are many unanswered questions about how Windows Update will work in the new era of all-or-nothing Win7 and 8.1 patches. There could be rocky times ahead.