by buffoon 3908 days ago
Appeared on WSUS as well...

NEVER turn on auto updates on windows. Read all the KBs, then choose to install, ALWAYS. If you have a corp network, use WSUS and stop all updates and check them. If the KB is content-free like the new ones, no install. I avoided the whole CEIP bag of shit and Windows 10 upgrade notification hell thanks to that.


I'll be sure to tell my 60-something mother to make sure she reads all KBs before deciding to install the updates that Windows is telling her are super important.

I'm sure this won't increase my load as the family technical support person at all.

Always turn on auto-updates. The likelihood of you missing or delaying an update and getting hit by a known exploit is a lot higher than that of an exploit getting through the update system or enabling a new exploit.
This is NOT good advice for reasons other than you're thinking.

Simple reason: if your computer updates it is not in a stable state until a reboot. Simply, your computer may not ask you to reboot after an update, but some software will (eventually, not every time) run very odd until you reboot.

I've seen this happen many, many times on my own machine and on many company machines I've managed.

It's best to install updates when you want to install them.

> It's best to install updates when you want to install them.

For company servers, I absolutely agree.

For corporate desktops, the administrators of WSUS (assuming an environment large enough to warrant running it) should approve them for installation after having had a chance to review them. Even so, the desktops should (IMO) be set to automatically install them and reboot once they are available.

For home PCs, just set them to automatically install and reboot and forget about it (n.b.: general rule; obviously there are/will be exceptions).

Personally, my own Windows machines (a grand total of two, running Windows 7 Professional, that are very rarely used), are configured to automatically download and install updates at 11:00 p.m. on Mondays. When an update is released that breaks things, this gives me about six days to hear about it and turn off Windows Updates until they get it fixed (assuming a typical Patch Tuesday release). A long time ago, I reviewed every update before installing them but not anymore. When one of those "drop everything and patch now!" updates comes out, I hear about them elsewhere and install them manually.

> be set to automatically install them and reboot once they are available.

I mean, it isn't the end of the world, but your helpdesk will be getting a few calls because your users are refusing reboots!

Haha, "refusing reboots". You know what happens to our work PCs when you click "postpone"? Fuck you, that was your warning. If you disregard it, in five minutes you get another 20 second warning to desperately hammer "Save" before your system force-reboots.

Not during the middle of the night, either - typically these get pushed out around 10-11 AM.

If you push them out during the day when everyone is working, sure. At 2:00 a.m.? Not so much.
No no no no no. I've watched entire networks of machines downed with auto-updates. Always read, always test.
It might make sense to pay a guy to make this his job for hundreds of computers on a corporate network, but there is no way in hell I'm keeping that close of track of updates on my home computer.

And when was this, over a decade ago? Also, what evidence did you have it was the auto-update system that caused the outage? Past performance is not a predictor of future performance.

Seriously folks, turn on auto-updates.

> Seriously folks, turn on auto-updates.

I'll add my voice against this, if you have enough technical knowledge to check more carefully. I too have seen numerous occasions where something installed via Windows Update has taken out a machine and required significant action to restore it to normal functionality. My personal policy has long been security updates only, and even then I tend to do a quick web search before letting them install, which has saved me from the odd howler in the past.

On the other hand, the number of times I have seen a PC rendered inoperable or compromised because it didn't install a Windows update within 24 hours of the update being available is zero. Even if the PC is just a simple home machine, there's probably still at least some sort of firewall/router between it and the public internet, and just about any device like that is going to block unsolicited incoming traffic by default these days. To get compromised within that time frame you'd likely have to actively open something or visit somewhere that included an exploit for a new vulnerability, and while that is always a risk even on a fully patched system, it's not a big one for most people.

I guess you trust every website you visit then? And the ad networks used by the sites you visit...
Approximately nothing installed via Windows Update will protect most people from most threats they might find on web sites.

It's far more important to keep your browser and plug-ins updated to guard against those threats. Personally I also block almost all ads and other third party content, primarily on security and privacy grounds, which also significantly reduces the risk of running into malware while browsing.

If IE or Edge is your browser of choice then of course updates for those are going to be a priority for the same reasons. But even then, if someone has managed to compromise sites like Google's or Microsoft's so you can't even do a ten second web search before installing a patch without getting hit by an exploit that patch would have blocked, we're all in pretty big trouble anyway.

> Past performance is not a predictor of future performance.

Hogwash. If this were true, there wouldn't be the concept of reputation.

This was Oct 2014. KB2949927.
So your "read all the KBs and choose" strategy would have prevented this, really? You would have read that KB2949927 adds SHA-2 cryptographic support and said "No, we don't want that one. We'd rather stick with deprecated SHA-1"?
No we go "hmm that might fuck something up; let's try it on a test VM" or at the very least google and see if anyone else has any problems.
auto-updates have goosed more windows systems on me than malware. I'm not even a sysadmin.

there's been a few comments in the wild saying windows 10 can install without your permission. it may even be true, a bug.

so yeah I 'seriously' disagree with you.

https://www.google.de/search?q=crash+tuesday+broken+windows+...

scroll back through the years.

> auto-updates have goosed more windows systems on me than malware. I'm not even a sysadmin.

I would hazard to say that if you were a sysadmin, then this would not be the case.

Eye-witness accounts are the least reliable source of evidence.
I have auto-updates turned off for absolutely everything. I read patch notes before upgrading anything. Especially on my personal computer.

In nearly 100% of all scenarios where I've ever, ever had issues with anything, it's because an update broke something - sometimes irreversibly. Auto-updates are a larger threat factor for me than malware or niche security threats that only attack certain features that I don't utilize (thus I'm not a potential target for that attack vector).

>Past performance is not a predictor of future performance.

In some contexts I agree with you. With programming - I disagree entirely.

Bad programming habits are a great predictor of continued bad programming habits. When the same threat vector pops up again and again in a program it's because the programmer isn't learning from past mistakes. Video game bugs are proof of this.

The first thing many glitchers do on a game I play is test variations of old, patched bugs on new updates to smuggle items out of areas that you shouldn't be able to smuggle items out of. It almost always works. Because the general, underlying problem has not been fixed. They just throw band-aid patches on it after the fact and forget to apply the band-aid patch to future updates, allowing the bug to resurface. The same variations of the same bug have been resurfacing for over a decade now.

Bugs resurface all the time in software, because programming is really tricky to get perfect and humans repeatedly make the same mistakes time and time again.

System exploits wouldn't be doing much good for the exploiter if they left your system unusable.
You're falsely equating "broken updates" and "security exploits" and I'm not sure why. I thought I was clear that I was comparing the two as separate negative occurrences with one happening more frequently than the other. Not that one would cause the other...

An upgrade provided by the company that is completely legitimate that completely renders the program unusable or destroys my workflow has happened far more often than my system being compromised has ever negatively affected me. I could count on a stub the number of times I've known my system to be compromised. I'd have to count on my hands using a binary method to count the number of times a legitimate update was botched.

I still update my programs. I just don't let them do it automatically. Leaving an extra few attack vectors up for a few days/a week to let the patch mature or for an emergency-fix patch (i.e. 30-->30.0.2 "Super major security exploit was live for 3 hours but we fixed it") to be released has always worked to my benefit. I've never had a negative outcome for waiting a few days to patch. I don't have to deal with botched releases or newly opened attack vectors. Instead I get to listen to the canaries in the mine.

Also what happens when an auto-updater gets compromised? I get to listen to the canaries. You get to be one of the canaries. So for that, I thank you.

You're right, but for reasons that people may not realize right away.

It isn't the content of the update you should be wary of (make this decision for yourself if you care this much) but it is the act of updating machines that will cause problems.

When a Windows machine updates (yes, even as of today - I had this issue just last week) it is in an indeterminable state until a reboot, even if the update doesn't require a reboot.

Are you rebooting all your windows servers for each little update too then?
No. In a perfect world yes, you would update immediately. However, it isn't practical. Define what's a good time frame (week, month, daily) for your server, its role, and your manpower and stick to that schedule.

I can definitely say that it is better to wait to update when you can reboot than to update immediately. Of course, if there is a really bad vulnerability, update immediately. Let the user know it's an exception.

This was true until Microsoft started shipping their own "exploits" (read: updates that are more for their benefit than yours.)

After the Windows 10 debacle, I'm looking to get off of Windows as soon as I can afford to. Whoever decided to turn Windows Update into an advertising platform needs to be fired -- it's that simple.

> Whoever decided to turn Windows Update into an advertising platform needs to be fired

Not that I ever plan to run it, but my understanding is that Windows 10 itself, not just Update, is an advertising platform.

Nobody in Vegas is taking odds that someone will be fired. But I'm in full agreement with you. Someone should be fired.

auto-installing new security updates but having a delay of 24-48hours before installing them might be a safer alternative
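As an added example, not code from the thread or from any commenter in it: the two suggestions above (WSUS admins approving updates after review, and a 24 to 48 hour holding period before anything auto-installs) can be combined into one scheduled script on the WSUS server using the UpdateServices PowerShell module that ships with the WSUS role. The target group name 'Pilot-Desktops' and the 48-hour window are assumed values; the cmdlets and IUpdate properties used are the real ones from the module and the WSUS administration API.

```powershell
#Requires -Modules UpdateServices
# Added example, not from the thread. Run on the WSUS server itself
# (Get-WsusServer with no arguments connects to the local server).
# Approves unapproved *security* updates for one target group, but only
# once Microsoft published them at least $MinAgeHours ago, so the first
# day or two of "crash Tuesday" reports can be read before anything ships.
# 'Pilot-Desktops' and 48 hours are assumptions; change them to suit.
param(
    [int]   $MinAgeHours     = 48,
    [string]$TargetGroupName = 'Pilot-Desktops',
    [switch]$DryRun          # print decisions, never call Approve-WsusUpdate
)

$wsus   = Get-WsusServer
$nowUtc = (Get-Date).ToUniversalTime()
$cutoff = $nowUtc.AddHours(-$MinAgeHours)

# Security classification only. Everything else (feature packs, "recommended"
# updates, the CEIP/upgrade-nag style KBs) stays unapproved for a human to read.
$candidates = @(Get-WsusUpdate -UpdateServer $wsus `
                               -Classification Security `
                               -Approval Unapproved `
                               -Status Any)

$approved = 0
foreach ($c in $candidates) {
    $u   = $c.Update                                   # IUpdate behind the wrapper
    $kb  = ($u.KnowledgebaseArticles -join ',')
    $tag = "KB$kb [$($u.MsrcSeverity)] $($u.Title)"

    # Superseded updates are never worth approving; a newer one covers them.
    if ($u.IsSuperseded) {
        Write-Output "SKIP (superseded)   $tag"
        continue
    }

    # Hold on CreationDate (when Microsoft released it), not ArrivalDate
    # (when this server happened to sync), so a late sync does not shorten the window.
    $published = $u.CreationDate.ToUniversalTime()
    if ($published -gt $cutoff) {
        $age = [int]($nowUtc - $published).TotalHours
        Write-Output "HOLD ($age h old)     $tag"
        continue
    }

    if ($DryRun) {
        Write-Output "WOULD APPROVE       $tag -> $TargetGroupName"
        continue
    }

    # Some updates are gated on a licence agreement and cannot be approved until it is accepted.
    if ($u.HasLicenseAgreement) { $u.AcceptLicenseAgreement() }

    $c | Approve-WsusUpdate -Action Install -TargetGroupName $TargetGroupName
    Write-Output "APPROVED            $tag -> $TargetGroupName"
    $approved++
}

Write-Output "Done: $approved approved of $($candidates.Count) unapproved security updates."
```

Run it with -DryRun first to see what the hold window would do to the current Patch Tuesday batch, then schedule it (a Wednesday or Thursday night task fits the 48-hour default). Anything an emergency KB or a web search turns up as broken can be declined by hand before the task fires, which is the "hear about it and turn off updates" step from the thread made explicit. The desktops themselves still need the "Configure Automatic Updates" group policy set to auto download and schedule install, with the install time and reboot behaviour chosen there, which is what the 11:00 p.m. Monday schedule described above corresponds to.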
lol, thanks 'moron4hire' I almost took you seriously :-)
Very good advice... I agree. Took me a long time to figure that system out, but it sure works well!