Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates?

Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative: We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry).

How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?

Re:Al-la-carte increased complexity of patches

[anglico]

But is Apple installing telemetry and all sorts of crap that spies on their users? That's why people want to be able to pick and choose which updates they install. My feeling is the only reason MS is doing it this way is to get that telemetry onto all the computers that refused to install it.

My long term use of Windows is ending

It is so sad to see it come to such a painful end. I actually bought Windows 1.0 in my youth and have had a machine running a Windows version ever since. I did manage to skip the most disastrous versions (ME, Vista, Bob and friends) and as a result had a pretty good run. By Windows 7 it had finally become a stable workhorse OS that, for a time, served me well as its owner and master.

With Windows 8.x and then 10 it became evident that Windows as an OS no longer served me as its (paid and rightful) owner but instead answered to an increasingly malevolent master who was working against my will and interests. Its aim was nothing other than to harvest and sell me, my identity, my movements, my thoughts, my keystrokes, as a product like any other meat based commodity. I knew I could not in good conscious willingly give myself over to such abuses. I concluded that Windows 7 would be my last Windows and in my personal view was THE last Windows as I knew the product all these years, with the things that came after no longer sharing a common purpose with those that came before.

While corrupting the Windows brand was bad even more nefarious was to take the Windows 7 the I own now away from me. The tried heartily to wear me down with deceptive pop-ups and then with malicious corrupting patches but, through great effort, I diligently thwarted them all. Now it seems the end has come, my paid copy of Windows 7 Professional will be corrupted by force or left to wither and be ravaged by wild dogs and the NSA in what I personally view to be a heinous crime against all humanity.

As a long term Microsoft customer, the sentiment I now associate most with the company is betrayal.

The way I would handle any important system

[Nkwe]

I will apply all the patches that the vendor supplies in an automated way where possible and where not, as soon as is practical. While it is true that a vendor could screw up a patch, it is also true that my hard drive could die, malware could get on my system, an other hardware or software problem could corrupt my data, or I could just screw up and delete data myself.

To protect myself from any of these occurrences, I keep regular backups. I take these backups at a frequency similar to the amount of data I am willing to lose in the event of any failure (including "evil" actions on behalf of my OS vendor.) For me the frequency of backups is generally daily.

Note that I use the term OS vendor instead of Microsoft here, this because I run several computers with several operating systems (Microsoft, Linux(s), others) and I have had them all screw up a patch.

Since I have chosen not to write or personally review the source code for all the software I use (because I don't have that kind of time), I choose to outsource that work to several vendors, one of which is Microsoft. Yes, there are risks to running software from Microsoft (or any other vendor), Microsoft may not have my best interests in mind. However their software meets my needs and I have made the calculation that the value the software provides outweighs the risks.

Re: Linux.

[chipschap]

++

Linux user since more than 5 years.

But unfortunately thats not a solution for everybody.

I've been a Linux user for over 20 years and have watched it grow into something that could be a solution for a lot of people.

You're right, not everybody; I've often said in these forums that if you need or want to run Windows, go run Windows. I'm not here to try to make you change.

But the need to run Windows is, I think, often quite overstated. It's certainly the case when you have some mission-critical software that simply can't be replaced. It's true if you want to do certain classes of gaming. And sometimes it's true when you need 100% document compatibility with entities that insist on Microsoft Office.

My quibble is that there are many who want to run Windows but say they need to run Windows, when they very likely don't. If it's a want rather than a need, fine, go for it, but don't claim that your choice is truly based on Linux's inability to perform.

Re:Simple, I don't run Win 7/8.1, I run Win 10

[UnknownSoldier]

> Windows 10 works just fine if you don't care about being spied on.

FTFY. When even MS admits they Are unable to stop Windows 10 tracking then you've just admitting to being MS's bitch. But I guess you have no respect for yourself since MS sure doesn't have any for you.

Only a complete idiot blindly trusts Microsoft.

The rest of us actually have a pair and don't allow MS to pretend they own our computers, nor our network connections.

> I used Windows 7 the other day, it felt old all of a sudden,

/sarcasm I used the wheel the other day. It felt a few thousand years old. It is now out of date and is just not reasonable anymore -- oh wait, it works.

Ah, that explains it -- just another dumb hipster who thinks "Ooh, shiny!" is somehow more magically stable then something that has been around for a while. Windows 10 == more lines of code == more bugs, but keep on being a shill because Windows 7 works just fine for those of us using it.

But I don't expect an apologist to understand why Microsoft's forced upgrades on Windows 7 and Window 8 users leaves a bad taste with customers and users start looking for alternatives.

Re:Whining about what, exactly?

[Zocalo]

It's the all or nothing approach. Previously, you could read the patch notes (such as they were) and make an informed decision as to whether to "patch ASAP", "test thoroughly, then patch", "whenever", or "not required (e.g. telemetry/GWX crap)" on a patch by patch basis. Other than the paucity of real data and Microsoft's far too frequent attempts to slip a turd in there, that's really not all that different from any other patch system, on any other OS - unless you are compiling from source that you have looked personally diff'd and examined the changes, you are still trusting your patch provider to do the right thing; binary packages on *nix are no different from binary .msu or .exe files on Windows Update in that respect.

Now, while you can still defer the installation, you don't have that per-patch flexibility. That could potentially mean that you have to choose between breaking something critical to you (e.g. the USB webcam borkage of the recent Windows 10 update) and leaving your system exposed to some critical and remotely exploitable vulnerability instead of just patching the critical hole and waiting for Microsoft to fix the USB webcam issue. Yes, when it works, the new approach will be simpler, easier for everyone to manage, and will no doubt help alleviate some of the problems with Windows Update's seriously broken version control mechanisms, but Microsoft's track record on "when it works", has been pretty dire lately. It's also much easier for Microsoft to slip something nasty in there, again something their track record on has been pretty dire of late.

Frankly, I'm all for this latest brain dead move by Microsoft. Those that have a bit of technical nous can figure out some viable approach to patch management and additional security layers easily enough (they shouldn't have to, but still), while many of those that don't are inevitably going fall foul of a series of future USB webcam style screw-ups in the future. Same result in both cases; more pain for using Windows and a greater chance that alternatives will be considered, and anything that disrupts the Microsoft monoculture is fine by me.