Windows 10’s buggy updates force you to choose between security and stability, says user group

The survey was conducted by Susan Bradley, a Microsoft-certified Small Business Server and Security Most Valued Professional who moderates the patchmanagement.org email list.

Bradley wrote an open letter to various Microsoft executives, including CEO Satya Nadella, outlining the hundreds of grievances members of the patchmanagement.org group had reported to her.

“I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months,” she says.

“The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don’t install updates and leave machines subject to attack.”

These problematic updates extend beyond Windows, Bradley said, highlighting that in July alone Microsoft had issued 47 bulletins about issues caused by updates to Microsoft software, ranging from SharePoint to Exchange.

But Windows 10 was singled out for criticism, in particular, the Windows Insider Program under which volunteers test pre-release builds of Windows 10.

“It appears that there is a breakdown in the testing process. The Windows 10 insider process is not able to identify issues on released products. When your own products break with these releases, it is clear that current testing processes are not good enough,” she said.

Of the sysadmins who responded, about 63% weren’t satisfied with the quality of Windows 10 updates and about 70% felt the OS’ twice-yearly major feature updates either weren’t useful or were rarely used for businesses.

Rather than updating Windows immediately, as recommended by Microsoft, she said that many sysadmins at smaller firms were waiting “at least a week” for issues with updates to be identified and resolved.

Some Windows users are going as far as “disabling Windows Update as a drastic measure to ensure that updates do not reboot systems when they are not wanted”, Bradley added, saying the twice-yearly feature releases are causing “fatigue” among admins whose priority is keeping systems stable and secure.

Microsoft’s changes to the update process, such as the introduction of Dual Scan, are also being poorly communicated she said, leaving admins “confused” and having to follow various blogs and Twitter feeds to understand the changes’ impact.

The difficulty updating Windows has been compounded by the “lack of basic documentation of Windows update error codes”, incorrect information in Microsoft Knowledge Base articles on patching, and a lack of information on conflicts with third-party software.

This year Windows 10 patches have caused various issues for users, with fixes for the Spectre/Meltdown CPU flaws triggering random reboots and other problems.

Bradley concludes by saying: “We want Microsoft software to be such that we can indeed install all updates and patches immediately without the reservation. As it stands right now, we do not trust the software and the patching quality enough to do so.”

Microsoft has tried to improve how Windows 10 handles updates, reducing patch download sizes and recently pledging to use machine learning to determine when to restart a machine to install an update without inconveniencing the user.

Microsoft had not yet responded to a request for comment at the time of publication.

The big takeaways for tech leaders:

• Windows sysadmins have told Microsoft they no longer trust system updates won’t make systems unstable.
• The majority of sysadmins surveyed felt the Windows 10’s twice-yearly feature updates were of little value to the business.