Realizing that yesterday was “Update Tuesday,” I opened up my update history on a production Windows 8.1 PC this morning, and found 40 (!) updates of varying shapes and sizes had been installed thereupon. You can read all about what hit yesterday in the MS Security Bulletin Summary for May 2015 if you like, but you’d best set aside at least half an hour to chew your way through its formidable contents. Suffice it to say here that you’ll find two critical items (MS15-043 and MS15-044) that could permit remote code execution, one that provides a cumulative security update for IE, the other that patches TrueType font driver related issues for Windows, .NET, MS Office, MS Lync, and Silverlight.
The big bulletins for May pose interesting vulnerabilities for IE and “TrueType fonts everywhere.”
Just for grins, I jumped over to my Windows 10 test machines and found a single common update from the herd of Windows 7/8 items had propagated over to the new desktop OS — namely, the usual monthly update to the Windows Malicious Software Removal Tool (KB890830). I’m not sure how many of the other updates released for earlier desktop OSes yesterday had already been applied to Windows 10, nor how many common elements may still be forthcoming. It seems fairly obvious, however, that ongoing streaming of updates instead of batching them up for monthly release will definitely lower the Wow! factor for those who have updates applied automatically when they log in the day after “Patch Tuesday” — err, rather, “Update Tuesday,” as Microsoft’s new nomenclature would have it.
The upcoming delivery of Windows Update for Business (see my May 6 blog post for details) means that enterprise admins will be able to permit some updates to propagate to end-users if they so choose, while holding back others for testing and safety/compatibility checks. My best guess is that enterprises will stick to their current approaches and toolsets, trusting to their own tried-and-true update handling techniques for some time to come, as they work with and try out WU4B to see if it does them any better than their own methods already do. The jury will be out on that question for some time to come, because it all hinges on large-scale, wholesale upgrades to Win10, which often don’t happen until 1-2 years after initial release to the general public. I’m wondering if Win10 will bring enough compelling new features to the party to accelerate things a bit, or if the impending retirement of Windows 7 and the lackluster response to Windows 8 might not prove a more telling impetus in the long run. We’ll see!