We are definitely listening, and “we” doesn’t mean just me ☺ I would ask that everyone actually read the original blog post:
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/ The TL;DR summary: · We’ll do a monthly rollup of security and non-security updates, which is cumulative and contains all previous fixes, superseding the previous one. · We’ll also do a monthly security-only update, containing only the new security fixes for that month. So for those that choose to deploy the monthly security-only update, which will come out on Patch Tuesday, the biggest change is that you will see exactly one security update to deploy each month, instead of the 1-10 that you typically see each month today. And if today you only ever deploy security updates (which is not something we recommend, hence the larger changes in the Windows 10 servicing process), that’s the only change – you can ignore the rollups. We would like for everyone to install the non-security updates as well – you’ve seen the separate threads talking about that. Overall, these make things better, because they fix bugs. The number of support calls we get from customers running into issues *that were already fixed months earlier* is amazing – if the non-security updates had been deployed, you would have never seen the issue. Sure, there are always examples of how some particular fix caused some particular problem. We do our best to keep that from happening, with internal testing, external testing and validation (e.g. SUVP), and more, but we’ll never be perfect. All we ask is that when you find the issues, you call Microsoft support and work with us to find a solution as quickly as possible. Thanks, -Michael From: [email protected] [mailto:[email protected]] On Behalf Of Ed Aldrich Sent: Thursday, August 18, 2016 7:16 AM To: [email protected] Subject: RE: [mssms] Microsoft set to change Windows patching in a disasterous way Great thread with a lot of constructive feedback going in both directions… One comment needs clarification I believe. Roland stated “…Michael is the only one actively listening here, or at least contributing, …”. I think it’s safe to say that Michael represents the tip of the spear at Microsoft, representing (actively here) a much bigger piece of the organization, complete with engineering staff and processes. If they were all chiming in this would be doubly difficult to absorb. Make no mistake about it though. Having a solid, safe, and secure operating system platform is, I believe, fundamental to everything else Microsoft is doing outside the data center. This is hardly a casual exercise in Redmond, with only someone like Michael devoted to the effort. Jason has also done a good job of explaining some of those nuances as well. Constructive comments here, along with real world business processes and related feedback as we’ve seen here, only helps to improve the process for all. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Roland Janus Sent: Wednesday, August 17, 2016 4:36 PM To: [email protected]<mailto:[email protected]> Subject: AW: [mssms] Microsoft set to change Windows patching in a disasterous way Looking at what showed up yesterday: [cid:[email protected]] (We don’t have that many clients yet, hence only 95) The “none” is the severity which makes this even more nuts. One week after patch Tuesday new updates show up which most likely could have been moved to next month. Now they have to wait and are probably replaced with new versions next month anyway (or again a week later). To be fair, Michael is the only one actively listening here, or at least contributing, but my feeling is that those few complaining are just the tip of the iceberg and it will be worse once it actually hits everyone. It would be good for MS to listen and do something about it, but my guess is: not happening. -R Von: [email protected]<mailto:[email protected]> [mailto:[email protected]] Im Auftrag von Aday, Karalene B (RCIS) Gesendet: Mittwoch, 17. August 2016 22:13 An: [email protected]<mailto:[email protected]> Betreff: RE: [mssms] Microsoft set to change Windows patching in a disasterous way Excuse me if I didn’t use the correct terminology. When “additional updates” are released it impacts us greatly. We alsways decline them and then approve them with all the other monthly patches. There are months where there may be a large number released through out the month and it impacts our workload and also leave room for error. Why are they released during the month and not part of Patch Tuesday? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael Niehaus Sent: Wednesday, August 17, 2016 2:16 PM To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] Microsoft set to change Windows patching in a disasterous way Just curious, what 52 are you referring to? We routinely release additional updates throughout the month. It’s very rare to have an out-of-band security update though, those are typically only on Patch Tuesday. Flash tends to be the notable exception (we align with when Adobe and others release their updates), and of course fixes to serious 0-day exploits will always be important. Thanks, -Michael From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Aday, Karalene B (RCIS) Sent: Wednesday, August 17, 2016 8:01 AM To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] Microsoft set to change Windows patching in a disasterous way I would also like to know how they are going to handle all of the out of band updates they release each month. We pulled 52 out of bands last night and I’m sure with their pattern that’s not the end of them for this month. Patch Tuesday is kind of a joke when they continually do this. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Todd Hemsell Sent: Wednesday, August 17, 2016 8:57 AM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] Microsoft set to change Windows patching in a disasterous way Less work for them. Here is the fix, use it or not. Even if it breaks other things. We will no longer put in the extra effort to fix our security flaws, instead we will put the burden on you to make sure 100% of everything you have is compatible with these updates. On Tue, Aug 16, 2016 at 11:43 AM, Ed Aldrich <[email protected]<mailto:[email protected]>> wrote: How do you see this approach being driven as a profit-making process? From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Todd Hemsell Sent: Tuesday, August 16, 2016 12:20 PM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] Microsoft set to change Windows patching in a disasterous way Hey, it makes MS more profitable, that is all that matters,. Same with the forced advertising in a corporate OS you pay millions for Same as with the cloud Same as with everything Screw you, suck it up. lol On Mon, Aug 15, 2016 at 6:29 PM, Murray, Mike <[email protected]<mailto:[email protected]>> wrote: I’ve been told “get used to it” on the patch management list. Not good enough. I think this is ridiculous. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Roland Janus Sent: Monday, August 15, 2016 4:08 PM To: [email protected]<mailto:[email protected]> Subject: AW: [mssms] Microsoft set to change Windows patching in a disasterous way 1+ If they include such updates, like 3170455 which we also excluded, that’s certainly going the mess up things.. Von: [email protected]<mailto:[email protected]> [mailto:[email protected]] Im Auftrag von Miller, Todd Gesendet: Montag, 15. August 2016 22:42 An: [email protected]<mailto:[email protected]> Betreff: [mssms] Microsoft set to change Windows patching in a disasterous way https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/ Wow, this could be a disaster. We have had 4 or 5 cases in the last 12 months where we have had to delay the installation of a security update so that applications could be modified to work with updates. In a couple of cases, one ongoing, Microsoft has released a security update, then acknowledged a bug in that update and released a fix several months later. We currently have KB3170455 denied in our environment because it breaks point – and –print driver installation. In the new world, I will need to decide which is worse – no security updates for 3 months, or break printing for all non-admin users. Currently I can decide to pull or hold an individual patch, but it looks like that option is being removed from Windows 7 and 8. This comes at a time where it seems like patch quality has hit a rough patch, making this decision more troubling. ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521 and is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately and delete or destroy all copies of the original message and attachments thereto. Email sent to or from UI Health Care may be retained as required by law or regulation. Thank you. ________________________________ ________________________________ Legal Notice: This email is intended only for the person(s) to whom it is addressed. If you are not an intended recipient and have received this message in error, please notify the sender immediately by replying to this email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This email and any attachments may be privileged and/or confidential. The unauthorized use, disclosure, copying or printing of any information it contains is strictly prohibited. The opinions expressed in this email are those of the author and do not necessarily represent the views of 1E Ltd. Nothing in this email will operate to bind 1E to any order or other contract. ________________________________ Legal Notice: This email is intended only for the person(s) to whom it is addressed. If you are not an intended recipient and have received this message in error, please notify the sender immediately by replying to this email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This email and any attachments may be privileged and/or confidential. The unauthorized use, disclosure, copying or printing of any information it contains is strictly prohibited. The opinions expressed in this email are those of the author and do not necessarily represent the views of 1E Ltd. Nothing in this email will operate to bind 1E to any order or other contract.
