02-15-2017 , 09:49 AM
What Might Have Gone Wrong with Microsoft’s Delayed Security Updates
Don’t blame the cumulative updates, at least not yet
Microsoft delayed Patch Tuesday updates for what seems to be the first time ever, but the company hasn’t provided any information on what exactly went wrong, saying instead that all updates would be released to Windows systems at a later time.
Redmond explained in a short statement that it discovered a “last-minute bug” that could have caused issues for a number of customers, so because it didn’t want to take any risks, it decided to delay the Patch Tuesday rollout completely until a fix is developed.
As far as the reasons for the delay are concerned, there’s a lot of speculation online and many people believe that it was all caused by Windows 10 cumulative updates. And it’s no wonder why users blame these updates.
Cumulative updates caused quite a lot of issues on Windows 10 systems in the past and many of them failed to installs on specific PCs, so users believe that Redmond discovered a similar bug and decided to hold back the release to fix it.
And yet, there’s a good chance that cumulative updates are not the ones to blame for this delay, but an infrastructure bug. As Shavlik’s Chris Goettl says, Microsoft’s increasing focus on cumulative updates makes it impossible for the company to pull just a single patch, as all fixes are included in a single pack, so holding back the entire rollout becomes the only option.
“Before the cumulative update model, a single patch could be pulled from the release without impacting the entire Patch Tuesday release. Now, speculation as to if this was an issue with one of the cumulative updates that caused this delay is not entirely unfounded, but thinking about this, if it were one update that was broken Microsoft could release everything else. The fact is Microsoft didn’t release anything, which sounds more like an infrastructure issue,” he says.
Issues caused by new update model?
Starting this month, Microsoft also planned to replace its existing update system with a new one that would no longer include single patches, and there’s a chance that this change caused the delay.
Amol Sarwate of Qualys says this makes it impossible for Microsoft to push Patch Tuesday fixes to Windows computers if it discovers a bug in just one of the updates.
“This comes on the heels of the announcement that individual patches will not be available as they will be bundled together in the monthly Security update or monthly Cumulative update. If there is a problem in the patch for one kernel vulnerability for example, then all kernel or related vulnerabilities cannot be released as they are bundled together,” he says.
At this point, there is to ETA as to when Microsoft is supposed to ship this month’s updates, but some sources claimed Microsoft was at least considering the next Tuesday. We’re guessing Microsoft could release the updates sooner if the fix is ready by Tuesday, but expect a notification to be published before the rollout begins.
Source: http://news.softpedia.com/news/what-migh...2954.shtml
Don’t blame the cumulative updates, at least not yet
Microsoft delayed Patch Tuesday updates for what seems to be the first time ever, but the company hasn’t provided any information on what exactly went wrong, saying instead that all updates would be released to Windows systems at a later time.
Redmond explained in a short statement that it discovered a “last-minute bug” that could have caused issues for a number of customers, so because it didn’t want to take any risks, it decided to delay the Patch Tuesday rollout completely until a fix is developed.
As far as the reasons for the delay are concerned, there’s a lot of speculation online and many people believe that it was all caused by Windows 10 cumulative updates. And it’s no wonder why users blame these updates.
Cumulative updates caused quite a lot of issues on Windows 10 systems in the past and many of them failed to installs on specific PCs, so users believe that Redmond discovered a similar bug and decided to hold back the release to fix it.
And yet, there’s a good chance that cumulative updates are not the ones to blame for this delay, but an infrastructure bug. As Shavlik’s Chris Goettl says, Microsoft’s increasing focus on cumulative updates makes it impossible for the company to pull just a single patch, as all fixes are included in a single pack, so holding back the entire rollout becomes the only option.
“Before the cumulative update model, a single patch could be pulled from the release without impacting the entire Patch Tuesday release. Now, speculation as to if this was an issue with one of the cumulative updates that caused this delay is not entirely unfounded, but thinking about this, if it were one update that was broken Microsoft could release everything else. The fact is Microsoft didn’t release anything, which sounds more like an infrastructure issue,” he says.
Issues caused by new update model?
Starting this month, Microsoft also planned to replace its existing update system with a new one that would no longer include single patches, and there’s a chance that this change caused the delay.
Amol Sarwate of Qualys says this makes it impossible for Microsoft to push Patch Tuesday fixes to Windows computers if it discovers a bug in just one of the updates.
“This comes on the heels of the announcement that individual patches will not be available as they will be bundled together in the monthly Security update or monthly Cumulative update. If there is a problem in the patch for one kernel vulnerability for example, then all kernel or related vulnerabilities cannot be released as they are bundled together,” he says.
At this point, there is to ETA as to when Microsoft is supposed to ship this month’s updates, but some sources claimed Microsoft was at least considering the next Tuesday. We’re guessing Microsoft could release the updates sooner if the fix is ready by Tuesday, but expect a notification to be published before the rollout begins.
Source: http://news.softpedia.com/news/what-migh...2954.shtml