Microsoft’s Patch Tuesday Turns 10: A Decade of Botched Updates and Broken PCs

The tech giant’s updating initiative turns 10 on October 9

By on October 4th, 2013 21:10 GMT

Back in 2003, the Redmond-based tech giant officially introduced a completely new concept for its customers that made many people in the IT industry applaud the company’s efforts to keep its products fully-patched.

Simply called Patch Tuesday, the new patch management process was basically supposed to deliver security updates for all products in Microsoft’s lineup that could be vulnerable to attacks and thus expose users’ data to hackers.

The idea was pretty simple. Microsoft wanted to use the second Tuesday of each month to deliver these updates, with the company promising to keep all users secure by launching all patches at the right moment.

A GREAT CONCEPT FOR ALL MICROSOFT CUSTOMERS

Microsoft’s CEO Steve Ballmer said at that time that Redmond was ready to embrace a monthly patch release cycle that “reduced the burden on IT administrators by adding a level of increased predictability and manageability.”

"Our goal is simple: Get our customers secure and keep them secure," Ballmer said. "Our commitment is to protect our customers from the growing wave of criminal attacks."

Tools like Windows Update and the Software Update Services 2.0 impressed everyone, as Microsoft seemed to really be doing something for its customers worldwide. Later on, the company introduced the advanced notification service, showcased on every Thursday before Patch Tuesday and supposed to provide information on the updates to be released each month.

Ten years ago, it all sounded great and Microsoft was clearly very optimistic with its new patch management process. But things changed significantly as the time passed by and Patch Tuesday has now become a nightmare for the millions of Windows users out there.

PATCH TUESDAY OR BLACK TUESDAY?

Unfortunately for both Microsoft and its users, Patch Tuesday is now making more harm than good. As Andrew Storms, the director of DevOps for CloudPassage puts it, “it’s the second Tuesday of each month that we love and hate.”

Although it was all only milk and honey in the first years, with Microsoft releasing fully working security bulletins every Patch Tuesday, it has all become the day when everything’s broken down, as many of the updates the company is rolling out these days are messing things up on Windows computers.

Redmond no longer seems to put the focus on pre-release testing and simply launches Patch Tuesday updates that break down its own Windows machines and other software installed on users’ computers.

The first problems appeared a couple of years ago with one or two botched updates released every single month, but it has now turned into a common practice that’s clearly extremely frustrating for users across the world.

Last month for example, the company released patches that got stuck into an infinite installation loop, as they continuously asked users to deploy the updates and reboot their machines. Other bulletins broke down Office, while some consumers complained that file associations were reset by Patch Tuesday updates. More than eight botched updates have been delivered to users in September 2013, statistics show.

Microsoft has ignored these problems for too many months, so users have finally decided to do something about it. Since nobody seems to be listening to their complaints, most of them have blamed CEO Steve Ballmer for Microsoft’s ignorance and for its poor quality control when it comes to Patch Tuesday updates.
Review image
Several September 2013 updates were stuck in a continuous installation loop. A fix came after approximately one week.

BALLMER ASKED TO CHECK QUALITY CONTROL

Others, on the other hand, have decided to send digital letters to Ballmer, asking the outgoing CEO to urgently improve patch testing before the Tuesday cycle.

Here’s what Susan Bradley, one of the Microsoft MVPs that work as volunteers on the company’s community forums, wrote in a public memo addressed to Ballmer last month:

“As one of the moderators for the Patch Management listserve I am part of a community that maintains and patches primarily Windows products. On behalf of everyone in this community, may I respectfully request that you assign someone in a management position to investigate what is going on with quality control with Patch testing lately?

This month in particular leaves me deeply disturbed that issues that should have been found before these updates were released are being found by us - your customers - after they are released and we are having to deal with the aftermath. This leads to increasing distrust of updating.

These issues in your newer products are deeply disturbing to me. The issues this month in particular leave end users and Patch Admins with no other recourse than to not patch and even disable automatic updates until we are assured that issues have been fixed.

I congratulate you on your release to manufacture of Windows 8.1 but I beg you to pause for a moment and investigate why we are seeing so many patching issues with your released products at this time. Bottom line, sir, this is unacceptable to all of us in the patching community, and quite frankly, it should be just as unacceptable to you.”

Unsurprisingly, Microsoft is yet to issue a comment on all these issues. The problem, on the other hand, is that we’re only days away from another Patch Tuesday.

So, the questions is what it’s going to be? Botched updates or not updates at all?

4 Comments