One of the fundamental rules of a stable, controlled production system is that you apply updates singly, after they've been tested, and you document the change. This way you can ensure that if a problem occurs, you can do some backtracking to see what might have caused instability.

So when I saw this piece about stealth updates, and a related opinion piece, I was stunned.

As much as I like many of the people at Microsoft, this is the type of arrogance and "we're smarter than you" attitude that needs to be stopped. And this alone, this one thing, would make me support some regulation of Windows as an OS by the government. Make some bureaucrat sign off on all patches.

I don't care if these are the best, most stable, secure, well written patches ever built anywhere. DO NOT UPDATE MY PC without my knowledge. It's a family show, so I've removed the four letter bombs that originally decorated this editorial.

Now I know most people use automatic updates, and that's ok. For the average user, this might cause some issues, but it's acceptable if they choose to use automatic updates. But if they don't, then don't force anything on them. If anyone's doing the forcing, it should be a government, and I don't even like that.

There's a blog entry from Microsoft PM Nate Clinton that attempts to explain things. It does an ok job of explaining that the "stealth" install doesn't happen if automatic updates aren't installed. It says that it does stealthily install if you download, but ask to be notified. Why?

According to the Mr. Clinton (not the ex-President, but an answer worth of the same), "The answer is simple.".

You can read his explanation, but basically he says that users would think they were being updated, but they wouldn't be able to because the client wasn't updated.

Huh?

You notice they didn't have any trouble telling you that without WGA you wouldn't be patched. What a load. You messed up (substitute your own four letter word here).

I have to think this violates the Sarbanes-Oxley laws for companies and they should be complaining. Every single patch or change to a financial system, which are Windows based in many cases, needs to be tracked and noted. Microsoft can't be making changes to any desktops or servers without an administrator for a company agreeing to the change.

And those days of patches causing problems? They're not gone. Think about the Skype outage recently. I know one of my main SQLServerCentral.com programs, the one that loads articles, has changed behavior twice in the last few months. It's a simple .NET app and it started acting differently a little over a month ago, with dialogs not coming to the front of the screen. That wasn't a big deal, but after the latest patches, it won't even run anymore.

Now that's not something I was looking forward to dealing with.

For an interesting look on this release, read about Microsoft's PR blogging.

Watch Your Clock

Daylight savings time will be late this year, not moving until Nov 4. So if you haven't updated your machines and did the manual switch (twice), then get ready to do it again (twice). Instead of Oct 28, it will be Nov 4 this year.

If you are worried, Microsoft is working on some tools that you have to apply yourself. No stealth changes here.

Steve Jones