Microsoft, we have to have a talk
Microsoft? We have to talk. Recently you’ve already been disappointing me. This month for my Windows 10 devices you released three sets of security updates. The initial set of improvements ( KB5000802 for the 2004/20H2 variations) triggered blue displays of loss of life when I attemptedto printing to Ricoh and Kyocera printers as triggered problems with Dymo labels. As you yourself noted, “after installing this update, you may receive an APC_INDEX_MISMATCH mistake with a blue display when wanting to print to specific printers in a few apps.”
The second group of updates ( KB5001567 for 2004/20H2 versions) was likely to fix these problems, but only fixed a few of the BSODs and didn’t fix problems with Dymo label printers or printers that induce images (such as for example bar program code printers). You mentioned it: “After installing up-dates released March 9, 2021 or March 15, 2021, you can find unexpected outcomes when printing from some apps. Issues might include: Components of the record might print as strong black/colour boxes or may be missing, which includes barcodes, QR codes, and graphics components, such as logos. Table lines could be missing. Some other alignment or formatting problems may be present also. Publishing from some apps or even to some printers might create a blank web page or label.”
You then released a 3rd version of the updates that reportedly would fix the problem with Dymo label printers and image or barcode printers. You might believe that after three tries obtain the ideal and fixed update we’d. KB5001649 for the 2004/20H2 variations was said to be that last and ideal update.
Tuesday now usually with Patch, we’ve patch perfection never. There’s always someone which will suffer some random side-effect of normal processing weirdness that, without linked to the updating procedure directly, are certain to get blamed on any improvements due to coincidence. We’ve often seen customers complain about something on the point and pc to Windows updates because the trigger; often, it’s only a mere reboot that exposes fundamental issues, not the patching procedure itself. (In guidelines for servers, it’s frequently suggested that you reboot something before installing an up-date to ensure one’s body is functional.)
I’ve furthermore seen where malware may insert itself right into a operational system so when the patch is installed, the updated system is unstable and provide a BSOD now. In the past a rootkit installed on several Windows techniques was influenced by a security upgrade, which got installed a fresh version of the Home windows kernel; when the program rebooted, the conversation between your rootkit and the brand new kernel revise triggered a blue display screen. Therefore while we pointed to the security patch because the nagging problem, the truth is it helped expose the rootkits.
But it’s concerning if you ask me that in the a lot more twenty years I’ve been patching devices and monitoring for unwanted effects we have however to resolve two fundamental difficulties: You need us to show on automated updates to make sure our devices are kept secure, but as this month’s problems with printers displays, I cannot assure there won’t be unwanted effects out of this month’s updates. That’s flat out incorrect just. I have forget about self-confidence about patching than I did so 20 years ago: I’m still telling visitors to hold back, to check, to view for issues, to hold back, never to install updates right when i can’t ensure they won’t possess issues away. Microsoft, that’s inadequate! We are usually in a global where attackers ‘re going after on-premises mail servers in little and medium-sized companies and installing internet shells to perhaps inject ransomware. Installing high quality updates is paramount to protecting our devices immediately. But if we’ve dropped all faith in the screening process you utilize, Microsoft, how do we reach a accepted location where we install up-dates as soon as they come out?
Then there’s the rebooting problem. To be able to install improvements and replace the initial data files with the fixed types you force our techniques to reboot So when an over-all rule, Windows users dislike rebooting. It disrupts what we’re focusing on, it does make us lose our invest what we’re carrying out. And in the umpteen yrs that we’ve utilized Home windows, we’ve to repair this rebooting problem yet. I’ve literally seen experts ask how exactly to disable Home windows’ update mechanism since they cannot set a particular time for Windows devices to reboot that won’t be disruptive. Just how many of us have observed meeting talks interrupted by way of a Home windows 10 up-date triggering a reboot? (Instead of totally disabling Windows up-dates, I recommend utilizing the “ metered link ” trick therefore the system is only going to download improvements when you wish them to.)
Today we’ve phrase that you’ve has re-launched KB5001649 for 2004/20H2 and you will be offering it up once again being an optional update for all those influenced by the printing problems introduced this the 30 days. Microsoft, you advise that we install these optional updates should we be impacted, but that’s asking most of us to bring the responsibility of testing. That’s not right just. If you would like us to set up updates the second they’re released immediately, you must do much better than this. You should widen your tests of updates to add consumers and not simply enterprises.
People often believe the insider assessment process impacts the standard of security up-dates. It’s my estimation that they usually do not. Insider examining will be for features not linked to security. They are fixing protection bugs that aren’t fixed even yet in the insider variations yet.
Lately you announced you’ll be closing your UserVoice feedback process , that allows users also it administrators to require new features. At the right time that I believe you need to listen to more from customers, it feels as though you’re back pulling.
So down the road this 7 days when I opt to tell visitors to update – or not really – I’m still uncertain what I’m likely to tell my visitors at Computerworld or upon Askwoody.com . I’m uncomfortable telling visitors to NOT update. But We’m also uncomfortable telling them to set up updates and rely on that Microsoft provides gotten it right blindly. Up to now, you haven’t provided me sufficient assurance that despite having three times you’ve first got it right however. And that’s a shame.
Because the attackers obtain attacks right the 1st time often.