EUC Professionals Have Spoken: Nexthink is Clear Leader in G2 Reviews Learn more

Blog Post|7 minutes

Patch Problems Causing Windows Pain? Make it a Team Effort

May 11, 2018

Patching Windows 10 doesn’t always go as planned. As noted by CNet, the OS has a bad habit of automatically updating devices to the latest version — even when users are in the middle of something else. Sure, there’s potential benefit for IT here since network-connected desktops and laptops will always be up-to-date but since the update process halts any work-in-progress, resets the device and can take hours to complete, end-users won’t be happy.

The other option? Turn off automatic updates and leave patching in the hands of IT professionals. This improves control but also introduces risk: Missed security updates could leave holes in network defenses, while mandated patching schedules could frustrate front-line and C-suite users alike. The solution for Windows pain? Make it a team effort.

Ongoing Issues

Microsoft has been diligent about releasing new patches for Windows 10, while also pushing users to accept automatic updates as the new way forward. But things sometimes go off the rails — as noted by Express, the Windows 10 update for April 2018 has been pushed back because of a “blocking bug” that could cause blue screen of death (BSOD) issues.

Back in March, meanwhile, Windows’ fifth major feature release, version 1803, went off without a hitch but mostly improved existing tools and added some quality-of-life services. According to Thurrott, new translucency effects and reveal animations give a more “modern” look to the OS, while the newest Microsoft Edge version makes it a viable option for casual users. Timeline is the big new feature, which lets power users see both currently available apps and previously-used services.

The Update Debate

Some Windows 10 patches contain security updates. Some are feature-light while others may come with minor issues. What does this mean for IT teams opting out of auto-updates and managing patches month-to-month? That every new update comes with potential reward and possible risk.

For example, Computer World reports that the most recent Windows 7 update broke manual IP addresses for some users and disabled network interface cards (NICs) for others. This makes a case for IT holding off until they see exactly how new patches impact current systems: If reports are rolling in about long downtimes, broken features and unaddressed issues, is it better to wait than risk lost productivity? End-users are also a concern: If IT tells them to expect a patch which should theoretically improve overall function but ends up breaking app connections or deleting personal settings, the backlash is immediate.

The other side of the coin? Security. Most Windows patches contain some security updates, even if they’re not detailed in the release highlights. Often, these updates are designed to counter specific threats affecting Windows systems; even if IT teams haven’t encountered these issues, proactive defense may be worth the risk of potential downtime. Consider: Months before the WannaCry ransomware outbreak, a patch was available which rendered systems effectively immune. The problem? Very few companies bothered to upgrade, putting networks and data at risk.

Middle Ground

So what’s the solution here? Immediately deploy every new patch the moment it’s available? Hold off until issue reports pile up and resolutions are offered? Turn automatic updates back on and handle the employee backlash?

Here’s the thing: IT are right to be concerned, to worry that new patches may not offer ideal results. It’s good practice to analyze patch notes before committing to a system-wide upgrade, while also keeping an eye on other system applications — such as those downloaded by “shadow IT” users — which may also need updating. But there’s a still a missing piece of the puzzle: End-users.

Think about it like this — marketing departments don’t roll out new campaigns without consulting stakeholders, but that’s exactly what happens when IT pushes out new patches without talking to employees about their concerns. If end-users don’t know what’s happening, why, or when they’re more likely to push back, to use apps and services that aren’t approved or find ways to avoid mandatory updates.

Instead of going solo, adopt a team mindset: Talk to staff and C-suite members. Explain what’s in the newest patch, why it matters and when you plan to roll it out. Take feedback, listen to concerns and adjust if needed. The result? Even if Windows patches end up being painful, end-users are on the same team as IT instead of on the other side of the glass.