
Windows 7, 8.1 moving to Windows 10’s cumulative update model - rbx
http://arstechnica.com/business/2016/08/windows-7-8-1-moving-to-windows-10s-cumulative-update-model/
======
auganov
Sounds reasonable. But can't they keep them seamless? (silent) The other day I
woke up, and out of nowhere I got the Anniversary Update (must have triggered
during my sleep).

Desktop style messed up, taskbar messed up (IE and something else magically
decide to come back), a few things added to startup, some new windows 10 Skype
app trying to log me in without even asking (really?? and it basically "stole"
the credentials from the regular app?? quickly uninstalled it), SkyDrive pops
up and tries to do stuff, VirtualBox broken for some reason - had to
reinstall, a few file associations reverted to defaults, and most funnily no
obvious new features.

It's like someone searching through your house leaving a big mess behind
without a decent excuse.

~~~
nikbackm
The Anniversary Update (and previous Windows 10 edition updates as well) is
basically a re-installation of the whole operating system with the settings
from the old installation migrated to the new one.

This migration is not quite seamless, always a few options/settings that have
to be re-done manually for me.

But that has nothing to do with this new cumulative security update model,
it's not a full re-installation.

------
CommanderData
This is the biggest reason I stuck to Win 7. Windows update process is an
abomination and can't understand how its allowed. Two of my other systems
booted up and took 30 minutes for updates to install before logging me in. One
is a PC stick and other is a desktop. Unacceptable waste of my time. I should
be able to choose which updates.

~~~
joering2
Can you or someone suggest what to do after new laptops won't accept Windows 7
anymore?

At this point with new lap I just buy Windows 7 and Office 2010 and with
limited updates first then turned off I'm a happy camper and hadn't had issue,
virus or malware since 2007.

I tried Mac few times but for someone who loves Total Commander, I was totally
lost :(

Will any Linux with decent GUI do it?

~~~
CommanderData
Windows 7 was extended to support Skylake. I'm not sure if Microsoft was
backtracking after their original announcement or if limited Skylake support
was part of their ultimate overlordian plan to have everyone switch to Windows
10.

Original: [http://www.computerworld.com/article/3023533/microsoft-
windo...](http://www.computerworld.com/article/3023533/microsoft-
windows/microsoft-support-windows-10-new-hardware-itbwcw.html)

Later: [http://www.extremetech.com/computing/225075-microsoft-
gives-...](http://www.extremetech.com/computing/225075-microsoft-gives-
skylake-a-one-year-reprieve-will-support-windows-7-through-2017)

Whether Intel's new processor, Kaby Lake, is supported by Windows 7 I don't
know. If someone does I would be interested.

Seems Microsoft's aggressive upgrade strategy has not ended even though the
recent successful lawsuits.

~~~
Silhouette
Unfortunately, under Microsoft's current terms, it looks like OEMs won't be
allowed to supply new machines with Windows 7 or 8.1 preinstalled after 31
October this year.[1]

So as things stand, if you buy a new PC with Windows after that date, you're
getting Windows 10 preinstalled whether you like it or not. In some cases, it
looks like downgrade rights might still apply, but that involves a lot of
hassle and may depend on the willingness of your OEM to support it.

Whether the OEMs will actually stand for this, I don't know. Vendors we buy
from still tend to supply Windows 7 Pro by default on new business laptops,
for example, which suits us (small business environment) fine since we have no
interest in moving to Windows 10. If Microsoft turns around in a couple of
months and tells OEMs they can no longer sell what their customers want to
buy, there's going to be a mighty fight.

[1] [https://support.microsoft.com/en-us/help/13853/windows-
lifec...](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-
fact-sheet)

~~~
basch
Windows Pro comes with downgrade rights. Buy 10 Pro, downgrade to 7 yourself.

~~~
Silhouette
As I said, downgrading that way involves a lot of hassle and potentially
relies on the willingness of your OEM to support it. It's hardly an
improvement on just buying a machine with the OS you actually want already
installed and working, which is what we have today.

------
Severian
I don't know what MS did to the update system in the last year, but every time
my system goes to check updates, it runs at 100% on one CPU for hours. Usually
after waking it from sleep or a cold boot.

I've run the "Problem Fixer" utility for Windows Update, deleted the update
cache, and all the other recommendations with no success. I end up killing the
wuauserv service to free up that CPU.

It used to work 100% fine until the Windows 10 nag/forced upgrade debacle
started being pushed out.

~~~
retox
Same here, only in my task manager its listed as a service host process which
is pegging one core at 100%. I didn't understand what it was for months until
I must have let it finish because I wasn't doing anything CPU intensive and I
got a Windows Update message. Funny thing is that after I clicked to see what
updates were available, it had to do the whole process again!

This is the last version of Windows I will run.

~~~
Silhouette
We've had some similar problems with Windows Update on our Win7 systems in
recent months as well. On a many-cored workstation it's an annoyance. On an
older laptop with a dual core CPU, it's crippling.

Like others posting here, we see the service host process spinning an entire
core at around 100%. That keeps the CPU clock speeds and power draw up all the
time as a notable side effect.

This seems to be a separate issue from problems with Windows Update taking
hours to check for and/or apply the updates themselves.

~~~
barrkel
Glancing at the stack traces with symbol server downloads enabled, it looks
like there's a n^2 or potentially even exponential algorithm being run during
the checking phase - checks are run both passively and when actively applying.
There's something very wrong with the design of the algorithm - it obviously
doesn't scale. Bigger, fewer patches may simply be reducing the size of n.

IMO a better approach would be to offload the work to MS: upload a list of
applied updates and let the cloud do the crunching. Much higher chance of
memoizing and reusing work that way too. It's a sign of MS's client oriented
culture still sticking around.

------
tdkl
This will cause happy times when a single update in the bundle starts causing
problems and render your system in non-working state.

Good that MS never shipped a crappy update like that. /s

Another big "fuck you" and taking away control over own machines.

~~~
GrumpyYoungMan
>Another big "fuck you" and taking away control over own machines.

Considering how poorly the average end user maintains their machines and the
sheer quantity of malware out there, taking away control over their own
machines is the kindest thing MS can do.

~~~
Silhouette
But what about people who aren't average users and do know how to look after
their machines properly?

Microsoft have caused a huge number of serious problems with Windows 7 updates
over the past year, many of which could be avoided by not installing a bad
update.

~~~
digi_owl
Welcome to modern personal computing. There are only two types of people,
users and developers. And developers consider all users drooling idiots that
needs to be protected from themselves. Power users, admins, none of those
exist in the eyes of the developers.

And you see this across the board, from Microsoft to Apple, and even among the
Linux user space developers.

~~~
Silhouette
That's really no excuse. We're developers, and yet we manage not to abuse our
users or treat them like idiots. If our little company can do it, I'm sure
others can.

------
krylon
As a sysadmin at almost-Windows-only company, I am still kind of surprised at
the state of updates on Windows.

On Debian, CentOS, or FreeBSD, server and desktop, I usually install all and
any updates that are available, reboot if there is an update to the kernel (or
libc) and move on.

The fact that there is even a need for "patch management" beyond "just ____ing
deploy them already " is ... embarrassing for Microsoft, IMHO. But simply
installing any and all updates that Microsoft publishes has shown to be a bad
idea. So I really hope that at least using a WSUS will allow me to pick what
updates get installed.

------
walterbell
_> Microsoft will also create security-only updates that include all the
security fixes released each month, without any reliability or feature
changes. These updates won't be cumulative. They will only be offered via WSUS
and SCCM; WU users won't see them._

Can anyone use WSUS and SCCM, or are these licensed separately, e.g. with
Windows Server?

Could the US FTC require that security updates be delivered separately as a
condition of sale, i.e. cannot be bundled with non-security updates? They are
already studying mobile device security updates, [https://www.ftc.gov/news-
events/press-releases/2016/05/ftc-s...](https://www.ftc.gov/news-events/press-
releases/2016/05/ftc-study-mobile-device-industrys-security-update-practices):

 _" In order to gain a better understanding of security in the mobile
ecosystem, the Federal Trade Commission has issued orders to eight mobile
device manufacturers requiring them to provide the agency with information
about how they issue security updates to address vulnerabilities in
smartphones, tablets, and other mobile devices. The eight companies receiving
orders from the FTC are: Apple, Inc.; Blackberry Corp.; Google, Inc.; HTC
America, Inc.; LG Electronics USA, Inc.; Microsoft Corp.; Motorola Mobility,
LLC; and Samsung Electronics America, Inc."_

~~~
asherkin
Both require running on Windows Server, WSUS is "free", SCCM is "very
expensive".

~~~
walterbell
Thanks, can Windows Server 2003 be used to run WSUS for updating Windows 7
clients?

Edit: looks like a user or device CAL (Client Access License) is needed for
each Windows 7 instance that is connecting to WSUS to receive security
updates.

Edit2: it may be possible to manually copy security-only update files from
WSUS to unmanaged Win7 clients that have no CAL.

~~~
EvanAnderson
There was a time, at one point, when MSFT qualified that CALs were not needed
for WSUS if the underlying Windows Server version did not require CALS:
[http://www.wsus.info/index.php?showtopic=5592](http://www.wsus.info/index.php?showtopic=5592)

Getting definitive licensing answers out of MSFT has proven difficult for me.
I've gotten varying answers from different people in the past (not necessarily
about this topic). MSFT definitely keeps things vague, IMO, to keep their
options open.

------
wiredfool
It looks like this change happened around April/May 2016.

Which coincidentally is when my infrequently booted windows install started
crashing in the middle of windows update. (Update enabled, 10 min uptime.
Update disabled, Days, with sleep/hibernate/wake cycles)

~~~
wiredfool
(I'd suspect hardware, but the linux install that's normally running has its
uptime only limited by rebooting for kernel updates)

------
wfunction
Is this so that they can bundle the Windows 10 nagware into the bugfixes?

~~~
creshal
They already did that a few months back, one critical IE security also reset
the "disable GWX" registry keys.

~~~
wfunction
Wow. Which one?

------
PaulKeeble
Windows 7/8.1 users are not going to be happy, its one of the reasons they are
sticking with the older OS.

~~~
btb
I just hope its not part of some plan to sneak in windows 10-style spyware
onto older windows versions, by bundling it up with important security updates
one pretty much have to install. At least the windows 10 upgrade we could say
no to.

~~~
ctolkien
If you're referring to the telemetry in Win10, similar telemetry was patched
into Win7 a long time ago.

~~~
walterbell
In theory, aren't those individual update packages removable?

~~~
ordinary
Yes. Incomplete list for Windows 7: 3015249, 3022345, 3068708, 3080149,
3175249.

------
msravi
From the article:

> This means that the ability to pick and choose individual fixes to apply
> will be removed; they'll be distributed and deployed as a singular all-or-
> nothing proposition.

So, if this "update" contains the Windows 10 nagware or all that fancy new
"telemetry" that I definitely do not want, I don't have an option...

I currently run Windows 7 on a VM on OS X, using it only to (a) digitally sign
documents since the hardware key that is provided only works on Windows, and
(b) do my annual IT returns with an Excel utility that again, only runs on
Windows. Looks like (b) is no longer an issue - there's now a Java utility
that does the same thing. Now if only I had a way out of (a), I'd get rid of
Win altogether.

------
bsilvereagle
It's not clear from the article, but will we be able to cherry-pick and
uninstall updates we don't want? Does the roll-up show as one update in
Windows Update or can we cherry-pick and uninstall anti-feature updates and
leave the security updates?

~~~
laurent123456
Apparently not:

> This means that the ability to pick and choose individual fixes to apply
> will be removed; they'll be distributed and deployed as a singular all-or-
> nothing proposition.

------
executesorder66
A great way to very slowly upgrade everyone to Windows 10.

~~~
Silhouette
Not really. We've already been installing only security updates, in light of
the instability problems and silliness like the GWX campaign. It looks like
this might be the point at which we consider installing Windows 7 updates to
be a higher risk than not updating at all and just switch the whole thing off.

My concern is whether they will stop shipping the separate security updates
that have already been released, which are useful for patching a new system on
first boot.

------
AndrewDucker
So much better than the current system. Frankly, it should be able to bring
system files to a desired state, rather than installing numerous updates.

------
mms1973
The last W10 update broke my Wifi. So buyer beware...

~~~
newjersey
Hi, can you please give more details? What computer was this? What broke? And
if you fixed it, how did you fix it? Thank you.

