Skip to content
Naked Security Naked Security

Microsoft gets users test driving Patch Tuesday’s non-security updates

Are Microsoft's new C and D updates a good idea or a beta by another name?

Microsoft will install non-security patches on Windows machines in advance of Patch Tuesday, if users select a new and not particularly descriptive option in Windows Update, it was revealed last week.
The company explained the new ‘Check for Updates’ box in Windows 10 in a recent blog post, but left some concerned that users unfamiliar with what it does might stumble into stealth beta program.
Not all Microsoft updates are created equal. In fact, the company identifies three kinds in the blog post. The most commonly-known update is the B release, which is the cumulative update that the company ships on the second Tuesday of each month (known as Patch Tuesday). This patch contains both new and existing security fixes, alongside previously-released non-security patches.
There are also another two types of optional update released in the third and fourth weeks of the month, known as C and D releases. “These are validated, production-quality optional releases, primarily for commercial customers and advanced users ‘seeking’ updates,” says Microsoft, adding that it makes them optional to avoid making customers reboot their Windows operating systems more than once a month.
Microsoft puts quotes around the word ‘seeking’ because customers that opt to install these patches early are often called seekers.
The C and D patches are the non-security updates that eventually make their way into the subsequent month’s B release, the company explains, adding:

The intent of these releases is to provide visibility into, and enable testing of, the non-security fixes that will be included in the next Update Tuesday release.


In its post, Microsoft also says that advanced users can access these releases by opening Settings and selecting the Check for Updates option in Windows Update.
This has some in the computing press a little upset because the performance of some Microsoft patches and updates has been less than stellar lately. PC Magazine points out that selecting the Check for Updates option would have downloaded an optional patch released late last month that crashed the Surface Book 2, and which Microsoft later removed.
Some see that as evidence that Microsoft’s new optional releases are a beta program by another name, one that allows Microsoft to try out updates on customers in advance of Patch Tuesday.
Microsoft is keen to stress, however, that the C and D updates are production quality releases that are identical to the non-security updates that will be included in the upcoming Patch Tuesday:

“C” and “D” monthly releases are validated, production-quality optional releases

This new updates exists quite apart from its Pre-release Validation Program, as well as its other software testing efforts, and there’s no reason to assume it’s an attempt to hoodwink customers, or that customers who check the option by accident will suffer unduly.
Making non-security updates available in advance of Patch Tuesday is supposed to give “seekers” confidence that the second Tuesday or each month is going to deliver fewer unpleasant surprises.
The bottom line though, is that for frustrated users it doesn’t matter when the unpleasant surprises come, only that they do.

12 Comments

Given MS’s track record of “production-quality” releases *cough* 1809 *cough*, the statement that ‘“C” and “D” monthly releases are validated, production-quality optional releases’ doesn’t provide any confidence whatsoever. All their doing is accelerating the rate at which public trust is eroding. It’s one thing to mess up a release. It’s another to systematically and deceptively roll out updates to unwitting users who will undoubtedly suffer as a result.

Reply

Time was when software was test three ways, at least, before being released. The alpha software was tested by the development teams to ensure there wereno glaring bugs or flaws. Then it was beta tested in house by peoplke not in the development teams to ensure there were no misguided elements or misunderstood elements. Then there was UAC testing by support personel and technical authors as they learnt about the new software and meanwhile looked for faults that could trip up users. Nowadays it seems that the alpha testing is done by scripted means, so will miss any unintended aspects as the scripting is wruitten by the developers themselves and is not therefore independent. The beta test phase is now being forced onto users, which can be very dangerous if they try to use it in a ‘production’ envoronment. The UAT phase is aso left to the users putting them at unnecessary risk. I worked in software development for many years and followed the better process above but have has several issues with poorly designed and porrly tested (or even untested) software. The lack of good test coverage leaves users open to risks that were not foreseen allowing potential risks to be serious and unknown.
It is not good practice to reduce the level of in-house testing but many do it to ‘save money’ but end up having to develop ‘fixes’ that would not have been needed if testing coverage had been good enough.
Companies must not use paying customers as ‘guinea pigs’ to do the testing for them.

Reply

Seriously thinking of suing Microsoft, they seem to be purposely attempting to destroy my netbook. It is but a modest little beast manufactured by HP, purchased then running Windows 7, it did what I wanted it to do, albeit slowly, but it worked. I have had to rebuild the machine now three times from an image now nearly a year old. As soon as I put it online to update browsers and so on, an infuriating Microsoft “update” screws it up again. Each time something else is missing and I have seriously in the last 3 months spent more time fixing it than using it.
The machine claims that its recovery drive has been corrupted and then states that it isn’t when tested. Simple option out of the window (no pun intended) so back to restore from image.
Anybody know how to start a class action against Microsoft, there must be plenty of us about?

Reply

@Mike: I have a Windows Signature Edition HP Stream 7 tablet that Microsoft seems to break with every major build because Windows Update fails to preserve or reinstall HP’s critical drivers for it. The first time a Windows Update broke it, I went through the excruciating process of fixing it myself. The next time it dawned on me that my office is nearby a Microsoft Store so now I delegate fixing it to them, which they eagerly do for free. Fortunately, the Stream is a $99 Windows 8 novelty that now runs the latest version of Windows 10 so it’s no problem to leave it with the Gurus for a couple of days. It’s also an excuse to check-in on the Microsoft Store experience. Their customer service is in some ways superior to Apple/Stores, albeit their store is nowhere near as busy as the much larger Apple location that’s even closer to my office.

Reply

Any process that requires you to hand over a machine for a couple of days is badly broken IMO.
I say this as somebody who’s been trying to figure out how to get his Mac laptop battery replaced for about six months. I used to be able to service my own MacBook Pros, so I could do it in an evening, but now it has to be done by a shop. That means handing it over for n days, which means losing n days worth of business, or keeping a very expensive machine in reserve.
I do have a spare machine, and I was going to transfer everything via Time Machine. This requires both machines to be on the same version of MacOS, and it turns out the reserve is too old to run Mojave…

Reply

you need to find a serious evidence that correlates the MS update with your laptop issues. I’m talking about logs or code that would have done it. I would also imagine Microsoft’s response would be a billion laptops did not get broken with this updates so this could merely be a coincidence

Reply

Paolo, what you sau is totally true and would be expensive to pursue. The marginally cheaper option is probably to buy an Apple.

Reply

MS – Patches break things, corporate versions have gaming and shopping software, office apps are more confusing every version and hide the most common features. It’s almost like they want industry to leave their product completely.
Maybe the employees hate the company more than it’s customers and they are trying to ruin it? Or as a company they are so stuck on themselves they sniff their own farts and go “wow, we have to market this”. Thanks MS, but when another company offers a Domain type environment in the next few years, you won’t be able to catch up – not with the reputation you’ve built for not respecting customers.

Reply

If you could describe what features you need to make something “domain like”, I could see if there are any linux products that allow it.

Reply

Thank you, there are some. (Samba and similar) I wish it was as easy as just changing a PC, but being deep in an MS infrastructure (software and hardware) makes a big challenge.
But with MS motivating industry by screwing around so much, hopefully we will see more mature replacement options being adopted in large business to replace MS all together. Which will start a major shift.

Reply

I only have one Windows machine in the house and I spend more time fixing it and updating it than I do getting any useful work out of it. I have purchased my last Windows computer thanks to Windows 10. I was very happy with Windows 7 until one morning I turned on my monitor and there was Windows 10 installed on my machine without my permission along with a list of programs that no longer worked. You know this trend by Microsoft is the very direction that Bill Gates wanted to do when Windows was first made. He wanted users to own what amounted to a thin client terminal and for us to rent program time on his big servers but at the time there was no infrastructure to support the plan. If Microsoft does not change the way they operate they will fail because customers will find a better product. I have switched to Linux and will never be back Microsoft, thanks for the ride but I am done.

Reply

I frankly distrust Microsoft’s Updates and I work in corporate IT support. I normally delay deploying Windows Updates a month on our WSUS server because we have been burned too many times. We are also on WIN 10 1709 so we are roughly a year behind on WIN 10 versioning.

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!