For those of you that did not see the news earlier in the week, Microsoft was forced to pull the Windows 10 update released for October due to an expected data loss issue. Microsoft has since fixed that update and re-released it for beta tester verification. Please continue to monitor this process to ensure you safely patch your Windows 10 environments.
Now we see support restrictions and limitations entering the debate between Windows 10 Pro and Windows 10 Enterprise for business environments. We have already seen the challenges surrounding Windows 10 Pro and the limitations it presents in a 2016 Active Directory environment. Many controls and GPO options do not exist. Now we face the possibility of limited support timeframes. Microsoft is certainly forcing the decision making process for many businesses and Enterprise has a much steeper price tag.
We are no longer dealing only with “end of support” notices for previous OS’s within the Microsoft family. Now Microsoft is ending security updates for versions of the existing support OS platform, in this case Windows 10. Please verify your versions and update accordingly.
This is a fantastic article by the team at SANS which provides some great tips on managing the sneakiness of Microsoft and some of the data mining built into Windows 10. Catalog these tips and put them to good use.
Be aware of this back door vulnerability in Windows 10. Microsoft is working on a fix as it pertains to the privilege escalation issue.
Given the many security challenges and loopholes in the new Windows 10 OS, combined with Microsoft’s new all or nothing patching strategy, another alternative OS and hardware platform is always welcome. I am thrilled to see Dell embracing dedicated hardware configurations for these Linux flavors. Add in MacOS and we are starting to see real options beyond the legacy footprint of MS Windows.
Though the news of this update problem with Windows 10 is sad on a variety of levels, I share it here primarily because it demonstrates a serious problem with the cumulative patching approach Microsoft has adopted. These types of problems are going to cause more and more people to lose faith in the patching process, building the assumption that patches break more things than they fix. There was a similar mentality in the early builds of Windows 95. This is bad…very bad. Security updates are critical and need to be trusted by consumers.
This is a very thorough and scathing attack by the EFF against Microsoft and their aggressive rollout of Windows 10.
I am not surprised by these statistics and frankly I think the number will only rise of those willing to forego Windows for another operating system once the changes in the Windows 10 Anniversary Update are released and applied. There are simply too many privacy concerns and configuration limitations in Windows 10 for the security conscious public.
Should the tagline for the article post be “Kudos to Microsoft” or “About Darn Time”. I am leaning toward the latter, but regardless, it is good the process has been simplified.