"Prior to Satya Nadella’s tenure as Microsoft’s CEO, the firm employed extensive QA testers and used them for all of its Windows patch testing. Not long after Nadella came aboard, he reorganized the company, fired a large number of employees in the testing group, and began requiring OS developers to do their own QA. Windows 10 builds are now rolled out to external testers as part of the Windows Insider program, and those beta testers are specifically advised not to deploy new OS builds on their daily driver systems, due to the risk that an update will break something.
We can’t speak to how Microsoft feels about these changes internally, but they haven’t been positive from where we sit. In theory, pivoting to a six-month cadence allows for rapid feature updates and quicker problem resolution. In practice, it means an entire class of hardware issues no longer get picked up or resolved due to changes in testing procedure. And some of Microsoft’s issues these past few years don’t even map well to that explanation, like the repeated bugs and errors the company pushed out into Office last month. Windows users still on v. 1607 got hit with patches on up to 14 days of August 2017, when MS used to consolidate these pushes into 1-2 “Patch Tuesdays” per month
The sheer volume of patches, and the frequent need to roll back those patches when they turned out to be buggy, has so frustrated Woody Leonhard at CNET, he’s now suggesting Windows power users (that’s an important distinction) turn off Windows Update altogether, to avoid the constant headaches that Microsoft has been dishing out. Given how bad things have gotten lately, he’s got a point.
Evaluating an Unknown Risk
Let me be clear: It is generally a bad idea to turn off security updates. For all the problems I had with Windows 10‘s update model, automatic security updates wasn’t one of them. The benefits of rapidly deploying security fixes vastly outweigh the risks in most cases. But Microsoft doesn’t just push security fixes, it pushes other changes through the same model. This has always been problematic, and it’s only gotten worse over time. In late August, MS pushed a Word 2016 patch that broke merged cell functionality, KB 3213656. Two weeks later, it pushed a new Word 2016 patch that contained the same bug, KB 4011039. If you use Office, your only option to manually uninstall these KBs, at least if you also use documents with merged cells."
"The biggest risk to turning Windows Update off is forgetting that you’ve done so and missing a genuinely important patch because you thought it had automatically been applied. But if you update on a semi-regular basis already and can trust yourself to keep to such a schedule, you’re engaging in a bit of practical risk-shifting, under the assumption that you can spare yourself some headaches now and that doing so is worth the potential risk of being more exposed to infection."