Wednesday, August 20, 2014

Microsoft's Bloody Tuesday

Originally published on Kupeesh as Fear and Loathing of a Microsoft Patch



Poor Microsoft, it's been a tough couple of years for the software giant as it's gone through management upheavals, a failed operating system and a lackluster foray into the mobile market.

It seems they just can't catch a break...

That doesn't preclude them, however, from breaking things.

Case in point.  Last week's round of "Patch Tuesday" updates was filled to the brim with security and operating system fixes that millions of Windows PC's dutifully installed via automatic updates.

Normally keeping an operating system up to date is a good idea if you want to keep the bad guys out of your stuff.  But what do you do when the supposed good guys blow up your computer?

That's a question thousands of Windows users are asking as they now find themselves between the rock of Internet security threats and the hard place of a botched update.  

Even longtime Microsoft watchers like Paul Thurott (Windows Weekly, Winsupersite) can only answer with, "That's a tough one."

The patch causing so much trouble is a seemingly innocuous update to the Russian Ruble currency symbol in the windows font library (KB 2970228).  Apparently some users are experiencing everything from screwed up fonts to Blue Screens of Death (BSOD) after its installation.  As a workaround Microsoft is currently advising users to remove it and 3 other updates (KB2982791,KB2975719,KB2975331) that contain the offending code.  In addition, the download description pages for the affected update patches have had their download links removed while Microsoft, "investigates the issue."

Windows 7 and 8 are arguably the most robust operating systems Microsoft has ever produced.  So the return of the BSOD nemesis from the days of Windows XP is going to raise some eyebrows.  BSOD's only arise when a core operating system function has failed beyond recovery.  

That's something we thought we left behind when the house of cards that was Windows XP finally shuffled off the stage.  So with so much progress, how could Microsoft allow an obviously unvetted update to be distributed on platforms from Server 2003 to Windows 8.1.

Yes I know, Microsoft, unlike Apple, doesn't control every variant of hardware that runs their software.  But it's for exactly that reason that one would think their update policy would err on the side of caution.  That goes double in a week that also saw major outages of the company's Azure cloud services.

Instead Microsoft seems bent on releasing new products (patches included) like automakers release new cars.  But operating systems aren't Chevy's and rushing new products to market always leaves something to be desired.  Just ask GM about taking shortcuts in a process for proof.

So what's the answer when a strategy of "rapid release" seems to rule the day.  Unfortunately it's "Caveat Emptor," Buyer Beware.  Microsoft appears committed to shooting out software patches and asking questions later.  So for now, you may just want to switch those automatic updates to "manual" and wait a week after Patch Tuesday to install those non-critical updates.


In this case the cure was worse than the disease.