latest updates from easySERVICE™
The last several months have seen a disturbing string of problems in updates released for Microsoft products. Last week we saw three. It’s time to worry about what’s behind it all. In Summer of last year Microsoft had buggy Patch Tuesday updates three months in a row. There had been others that year, some of which crippled systems.
The following list includes problems observed in just the last six months:
Update on December 15: They keep coming.KB3008923 describes problems withMS14-080, the December Cumulative Update for Internet Explorer:
Known issues with this security update
- We are aware of some reports of functional issues on sites that use nested modal dialog boxes on Internet Explorer 11 that occur after you install this security update. Microsoft is researching this issue and will post more information in this article when the information becomes available.
- We are aware of some limited reports of Internet Explorer 9 crashing after you apply this security update. Microsoft is researching this issue and will post more information in this article when the information becomes available.
The MS14-080 security bulletin itself has no mention of any problems.
Note the (*) on the link about the October updates to Word. In Microsoft’s explanations of what caused this update I saw inconsistencies and things that just didn’t make sense. Sorry, it’s complicated:
If you’re lost, I’m sorry but not surprised. It’s convoluted. It’s also strangely reminiscent of the problems with the August patches that caused systems to go into infinite reboot loops. The update for which this problem was blamed is KB2970228″Update to support the new currency symbol for the Russian ruble in Windows.” I just don’t see how such an update could cause such a problem.
Whenever I see a change like this in anything I try to ask myself if there really is a change or if we’re just noticing it more than in the past. In this case, I think the only way it’s only a matter of perception is if Microsoft has begun reporting update problems more than they have in the past. This is entirely possible, but I don’t have any real evidence that it’s the case.
With products as complex as Windows, Office and Exchange and a user base as large and diverse as theirs, there are always people complaining of problems caused by updates and it’s inevitable that some users will suffer ill effects from even a well-designed and tested patch, because there are just too many configurations and third-party products for Microsoft to test.
There’s another complication potentially at fault in these bugs: Microsoft silently patches many security problems. Who knows, perhaps the Kyrgyz/Mongolian and Ruble updates did a lot more than Microsoft claimed they did. If an undocumented function of an update were to cause problems it wouldn’t be surprising for Microsoft to dissemble in their explanations. Of course I’m speculating here, but it’s not like we have an official and logical explanation on which to rely.
I would assume that the people in charge at Microsoft know what the real problem is and aren’t happy with it. In the long run, when almost all our software is in the cloud and managed, I think all patches will be silent and we won’t know anything happened, other than perhaps a version number incrementing. Have there been any security bulletins for the online parts of Office 365?
In the meantime I have to figure that the update processes for Windows, Office and Exchange have become too complex and unwieldy. There’s little Microsoft can do about it in the short term; they brought it on themselves, mostly by having excessively long support lifecycles. I wish I had some constructive advice with near-term benefits, but I think we’re doomed to more of this sort of thing for the foreseeable future.
Source: Associated Press
Error: Twitter did not respond. Please wait a few minutes and refresh this page.