Patch Monday: A way to avoid more Microsoft Automatic Update fiascos

With a dozen Automatic Updates re-issued this month alone, it's time for Microsoft to re-imagine its botched patching process

1 2 Page 2
Page 2 of 2

If you look back on this month's botched and re-issued patches -- KB 2871630, KB 2589275, KB 2760589, KB 2760411, KB 2767913, KB 2810048, KB 2760583, KB 2760590, KB 2760588, KB 2810009, KB 2553145, and KB 2553351 -- not one of the patches met those three criteria. They all would've been put in the Patch Monday testing jar.

Similarly, the last publicly pulled and reworked botched patch, August's KB 2859537, fixed a hole that had been previously reported and demonstrated, so it could've been subject to Patch Monday scrutiny. July's KB 2844286 was part of MS13-052 which, Microsoft contends, had been publicly disclosed, thus it would've gone in the Patch Monday bucket, too. The botched one before that, April's KB 2823324, also would've met the criteria for Patch Monday scrutiny.

Look at it this way: We're going through all of this Automatic Update hell in order to beta test patches that should've been put out for beta testing anyway. Microsoft has massive testing farms and puts all of its patches through a rigorous testing regime. You can see how well it's worked. Why not give everybody and his brother an early crack at them -- before they get absorbed into Aunt Gertrude's computer?

One more note: For the life of me, I don't understand why Microsoft funnels so many patches through the Automatic Update sewer pipe. In September we had 116 patches on Black Tuesday. Twelve of them were subsequently yanked. That's unmanageable and, I would argue, unconscionable.

Yes, I know Microsoft wants to minimize reboots by pouring all of its reboot-requiring fixes into one giant monthly bucket. But mixing security with nonsecurity patches and pushing out more than a hundred at a time -- that's just stupid.

If Windows and Office are in such bad shape that we have to reboot twice a month, so be it. Second and fourth Tuesdays are OK by me -- and I suspect most of the Windows community would agree.

So, Microsoft, how about while you're re-imagining Windows for the second or third or fourth time, you spend a little more effort solving a confounding problem that affects almost all of your 140 billion customers?

This story, "Patch Monday: A way to avoid more Microsoft Automatic Update fiascos," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow on Twitter.

Copyright © 2013 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
How to choose a low-code development platform