Microsoft Sheds Light on Windows 10 Patches

Addressing a major sticking point for IT administrators tasked with maintaining end-user systems, Microsoft is now publishing Windows 10 update details.

Windows 10 security

Microsoft is finally lifting the veil of secrecy surrounding Windows 10 patches. Starting Feb. 9, the company began publishing a Windows 10 update history online.

In an email statement, a Microsoft spokesperson told eWEEK the following: "After listening to feedback regarding the level of disclosure for Windows 10 updates, we decided to implement a new system for communicating updates to the operating system. Today we are rolling out the Windows 10 update history site, a hub for the release notes that will accompany each update and serve as a historical record of prior release notes."

Though Windows 10 has generally been met with a warm reception since its July 29 launch, one of the major criticisms levied on the operating system is the lack of patch notes. Without visibility into the changes introduced by a new update, many IT professionals balked at the prospect of deploying an OS that may unexpectedly render their users' devices and applications unusable due to an incompatibility.

In the wake of the Windows 10 launch, Susan Bradley, a security specialist and Microsoft MVP, kicked off a petition calling on Microsoft to provide visibility into patches and more controls over the update process.

"People that care about their PCs have to know what is included in the updates, especially admins who need to validate and confirm updates. Then we have numerous examples of where firmware and drivers have caused issues. We can't just have control over after they update; we need control before they install," Bradley told eWEEK.

Hosting industry watchers at its Redmond, Wash., headquarters last summer, Microsoft pledged to provide enterprise customers with information on Windows 10 updates. "We've heard that feedback from enterprise customers, and so we're actively working on how we provide them with the information to understand what's changing and what new capabilities and new value they're getting with these updates," Jim Alkove, former corporate vice president of Microsoft Enterprise and Security, said at the time. (Alkove has since moved to Nest, owned by Google's parent company Alphabet.)

Today, all Windows 10 users can review the bug fixes and added functionality included in an update.

"We're currently delivering updates to two distinct Windows 10 branches. The July initial launch branch (build 10240), and the November update branch (build 10586). We introduced new operating system features in November after having previewed, or 'flighted,' them with our Windows Insiders between July and November," states the online Windows 10 update history support document.

In the summary for the Feb. 9 cumulative update, Microsoft reveals that the latest patch contained a fix for an Edge caching issue affecting visited URLs in the browser's privacy-enhancing mode along with a bug that prevented remote server configuration on Windows 10. Microsoft published the patch's security updates to a separate online document (KB3135173). They include fixes to .NET framework and NPS RADIUS Server vulnerabilities that could potentially enable denial-of-service attacks.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...