Yes, I doubt we would be able to deploy anything. Seems like every month there is a bad update that breaks something. I would expect us to be at least a year behind.
But when my network gets infected it does not cost MS any money at all. On Wed, Aug 17, 2016 at 6:15 AM, Stuart Watret <stu...@offshore-it.co.uk> wrote: > i think you are right, more unprotected systems will be the reality. > > It’s a terrible idea given the appalling qa testing done on patches; it > seems every month we have an issue. > > On 16 Aug 2016, at 18:22, Erno, Cynthia M (ITS) <cynthia.e...@its.ny.gov> > wrote: > > Oh I get it. So, when we fail to apply a patch until we can manage our > domains so it doesn’t screw up our group policies or print servers or etc…, > and we only truly find those facts out because of the people on this list > that belong to businesses that need to maintain certain certifications for > their > business so they actually are the testers that Microsoft obviously does > not employ.. somehow Microsoft sets back and tries to judge us on that > behavior > by putting together a little graphic? > Want a graphic for what the new reality will be? Put together the graphic > that shows how much more unprotected our systems will be when we have > to roll back the cumulative security patches for that month because, yet > again, Microsoft pushed something out without thinking of the impact it > would have on business servers. > Out of touch and arrogant does not even begin to cover where Microsoft is > with businesses that have to be up and running 24/7. > > *Cynthia Erno* > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Michael Niehaus > *Sent:* Tuesday, August 16, 2016 12:41 PM > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > > *ATTENTION: This email came from an external source. Do not open > attachments or click on links from unknown senders or unexpected emails.* > Each update (MSU/CAB) has to be installed in its entirety. > > If you encounter any issues with an update, contact Microsoft Support > right away. They are serious about resolving issues as quickly as possible. > > Certainly the reasoning for making this change is simple: > > <image002.jpg> > > Thanks, > -Michael > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Andreas Hammarskjöld > *Sent:* Tuesday, August 16, 2016 5:38 AM > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > I thought this was possible? Like WUSA /u /kb:blabla? > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Mawdsley R. > *Sent:* den 16 augusti 2016 14:16 > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > Agree. It can only be a good thing if it enables us to have a more > consistent environment out there. > > However, It would be excellent if they could implement some way we could > install the Rollup, whilst excluding one of its subsidiaries, even > temporarily. > > Rich Mawdsley > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *John Aubrey > *Sent:* 16 August 2016 12:55 > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > I was little uneasy about Windows 10 CU/UR whatever they call it. It’s > been going well so far. I think this is a good thing. From my > perspective, it will save me a tone of time, and make our PC’s way more > secure. Bring it on. > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Marable, Mike > *Sent:* Tuesday, August 16, 2016 7:31 AM > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > I totally agree. In fact yesterday we had to pull off a security update > because it “broke” an app. So instead of the vendor fixing their app, > we’re going to allow a potential security threat? > > In my opinion I think this is a good thing. Give me just a single patch > each month so I don’t have to worry about 5 this month, 2 the month before, > 7 the prior month… > > Aaron Czechowski talked about this at MMS this last Spring. > <image004.jpg> > > Like Andreas said, “Just my 2 cents.” > > Mike > > > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Andreas Hammarskjöld > *Sent:* Tuesday, August 16, 2016 2:54 AM > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > This is very understandable and typicaly the way of “as-a-service” > solutions work, regardless of vendor. Doing it any other way would be too > costly & time consuming. I think we should be happy that MS is even > considering non security fixes for these operating systems! > > I think part of it is also to create an even bigger haystack to hide the > needles in for the security updates to delay the re-engineers finding the > actual issues from the patches that MS releases. > > One thing is sure, as ConfigMgr does support delta downloads of these > patches yet it will be a large file per month to download to each location. > So people that haven’t started looking at ways to peer-to-peer this should > do that… fast. With Win10 this is a 1GB DL per month per PC and counting. > > As per the not secure vs functionality, it’s the same as the idiots not > vaccinating their kids as they think they might get whatever from it. Go to > your vendor and tell them to fix the app. If they don’t, switch app. > > Unless you want to go Linux/Mac side, but thinking you have more control > there makes me laugh. > > Just my 2 cents. > > //A > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Murray, Mike > *Sent:* den 16 augusti 2016 01:29 > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] Microsoft set to change Windows patching in a > disasterous way > > I’ve been told “get used to it” on the patch management list. Not good > enough. I think this is ridiculous. > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*On > Behalf Of *Roland Janus > *Sent:* Monday, August 15, 2016 4:08 PM > *To:* mssms@lists.myitforum.com > *Subject:* AW: [mssms] Microsoft set to change Windows patching in a > disasterous way > > 1+ > > If they include such updates, like 3170455 which we also excluded, that’s > certainly going the mess up things.. > > *Von:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>]*Im > Auftrag von *Miller, Todd > *Gesendet:* Montag, 15. August 2016 22:42 > *An:* mssms@lists.myitforum.com > *Betreff:* [mssms] Microsoft set to change Windows patching in a > disasterous way > > https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further- > simplifying-servicing-model-for-windows-7-and-windows-8-1/ > > Wow, this could be a disaster. > > We have had 4 or 5 cases in the last 12 months where we have had to delay > the installation of a security update so that applications could be > modified to work with updates. In a couple of cases, one ongoing, > Microsoft has released a security update, then acknowledged a bug in that > update and released a fix several months later. We currently have > KB3170455 denied in our environment because it breaks point – and –print > driver installation. In the new world, I will need to decide which is > worse – no security updates for 3 months, or break printing for all > non-admin users. Currently I can decide to pull or hold an individual > patch, but it looks like that option is being removed from Windows 7 and > 8. This comes at a time where it seems like patch quality has hit a > rough patch, making this decision more troubling. > > > ------------------------------ > Notice: This UI Health Care e-mail (including attachments) is covered by > the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521 and is > intended only for the use of the individual or entity to which it is > addressed, and may contain information that is privileged, confidential, > and exempt from disclosure under applicable law. If you are not the > intended recipient, any dissemination, distribution or copying of this > communication is strictly prohibited. If you have received this > communication in error, please notify the sender immediately and delete or > destroy all copies of the original message and attachments thereto. Email > sent to or from UI Health Care may be retained as required by law or > regulation. Thank you. > ------------------------------ > > > > > > ********************************************************** > Electronic Mail is not secure, may not be read every day, and should not > be used for urgent or sensitive issues > > > >