Windows 10 patch expert begs Microsoft: 'Please fix uptick in botched updates'

In a year of big malware outbreaks, one expert thinks Microsoft's faulty patches and speedy Windows 10 feature updates could be setting its users up for a dangerous situation.
Written by Liam Tung, Contributing Writer

Video: AI will decide when it's the best time to install your next Windows 10 update.

Susan 'patch lady' Bradley, a patching expert who manages a bunch of Windows PCs and servers in business, has had enough of Microsoft's recent uptick in shoddy patches.

She posted an open letter to Microsoft CEO Satya Nadella, Microsoft corporate VP of Windows Servicing and Delivery Carlos Picoto, and the company's head of all things cloud, Scott Guthrie, pleading for them to urgently address the quality of recent Windows patches.

Her open letter was published on Computerworld's Woody on Windows column, taking a shot at the execs for putting people like her in the unenviable position of either installing patches that break machines or delaying patches and leaving them vulnerable to publicly known vulnerabilities.

"Today, as Windows 10 turns three years old, I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months," wrote Bradley.

"The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don't install updates and leave machines subject to attack."

SEE: 20 pro tips to make Windows 10 work the way you want (free PDF)

As she points out, July 2018's Patch Tuesday contained 47 bulletins with known issues. Among the buggy patches include a .NET remote code injection flaw, the Intel CPU Lazy State bug, and the fourth Spectre flaw known as Speculative Store Bypass, which affected AMD, Arm, and Intel CPUs.

She posted the letter after members of patchmanagement.org community listserve, where she is a moderator, recently began complaining about the quality of updates and the speed of Windows 10 feature updates.

She's also published the results of a survey of members about what they think of the quality of Microsoft's recent patches.

The survey mostly asked admins about their feelings towards Microsoft's Windows 10 patches and she notes that the Windows Insider program isn't helping identify issues.

The overall responses, she says, showcase "that your customers who are in charge of patching and maintaining systems are not happy with the quality of updates and the cadence of feature releases, and feel that it cannot go on as is".

Microsoft recently declared Windows 10 April 2018 Update ready for business and boasted it is its fastest Windows 10 rollout ever, installed on 250 million PCs in about two months.

Despite complaints about the update breaking some PCs, Microsoft defended its speedy rollout as responsible.

Bradley said responses to parts of the survey aimed at Windows 10 consumer users are the same as those from patching admins in regards to the velocity and volume of Windows 10 feature upgrades each year.

"The majority thought that the feature updates occurred too many times during the year, and they said they were overall not happy with the quality of updates from Microsoft. The full survey results from Microsoft consumer customers can be found here," she wrote.

Her full post is worth a read for Windows 10 users and admins, as well as Azure users. The letter draws attention to a potential problem Microsoft could be creating via the Windows 10-as-a-service model it introduced in 2015.

The consequence of Microsoft's breakneck pace of feature releases is that Microsoft could be unintentionally creating a giant security problem, which follows a year of highly damaging malware outbreaks, such as NotPetya and WannaCry, as well as the leak of the extremely dangerous NSA-developed Windows zero-day exploits that enabled each of the malware's rapid spread across corporate networks.

SEE: Windows 10 April 2018 Update: An insider's guide (free PDF)

"I am disturbed when I see users and consultants talk about taking drastic measures to take back control of updating and rebooting. Some are disabling Windows Update as a drastic measure to ensure that updates do not reboot systems when they are not wanted," she wrote.

And as she notes, Microsoft has acknowledged this problem, last week announcing a new predictive model to only restart Windows 10 PCs for an update when users really have stepped away from work for long enough to begin the process.

But as it is, Bradley believes Microsoft's mistakes and the effort it's demanded of Windows users have broken many users' trust in Microsoft's patches and software.

"We want Microsoft software to be such that we can indeed install all updates and patches immediately without reservation. As it stands right now, we do not trust the software and the patching quality enough to do so," she concludes.

ZDNet has contacted Microsoft for comment, which it will include in the case of a response.

Previous and related coverage

Windows PCs, Macs are slow and crash constantly, mocks Google

Google's new Chromebook video reminds the world of the worst of Apple and Microsoft computers.

Microsoft's got a new plan for managing Windows 10 devices for a monthly fee

Microsoft is putting together a service aiming to take the pain out of procuring, provisioning and managing Windows 10 devices that it's currently calling the 'Microsoft Managed Desktop.'

Windows 10: How Microsoft will stop software updates from ruining your day

Microsoft's predictive model will try to determine whether you've just left for a coffee or have finished for the day so that it can deliver updates without interrupting your work.

Windows 10: These two new builds deliver lots of bug fixes

Updates for Windows 10 have arrived just a fortnight after Patch Tuesday.

Windows 10: Microsoft reopens Skip Ahead program but you need to be quick

If you're keen to stay in the Skip Ahead group of the Windows 10 Insider tester program, now is the time to act.

Windows 10 updates: How to get the newest features first with Skip Ahead TechRepublic

If you want to try out bleeding edge builds of Windows 10 here's how to opt into Skip Ahead. But be quick.

Windows 10 is adding SwiftKey, laying the groundwork for dual-screen tablets CNET

Because typing on glass isn't for everyone.

Editorial standards