Local Grid has been examining Microsoft's Windows security strategy during the past few days, with surprising results.
Microsoft will reboot your machine during an automatic update, regardless of whether your machine is running a user-initiated process or not. While there is no mention of this policy in any of Microsoft's explanations of its auto update service (at least that we could find), we watched it happen to a Local Grid machine running a Mojoworld render when Microsoft issued an out-of-cycle patch last night. What's with terminating a user process preemptively to install an update? What is Microsoft thinking of?
Surprising result #1
Well, the answer must be Microsoft. Clearly Microsoft updates are a higher priority than user processes, otherwise our machines wouldn't reboot while Mojoworld is rendering. It seems the workaround for that behaviour is to turn auto update off.
Microsoft wants you to install an update even if it knows the update will break your machine. You can temporarily opt out of a service pack install for twelve months by installing a Service Pack Blocker tool instead. What happens after 12 months? If you don't install the service pack Microsoft won't update Windows.
Surprising result #2
It seems the only workaround is to turn Microsoft auto update off.
If a Windows service pack does break your machine, be prepared for that to be all your fault. For example, although you really have to know what you are doing to update drivers on Windows Vista, Microsoft customer service advises customers to download Vista drivers from their vendors' websites, and have them ready in case an update breaks their machine.
Surprising result #3
If you use automatic update, be prepared to shell out for a service call from an MCSE, or to take your computer to a repair shop.
If you turn off the automatic update service on your Windows machine, you will be blamed for the spread of botnets. Microsoft makes it perfectly clear that not running auto update means you are spreading malware around the world. Blaming the customer is a hallmark of failed enterprise. Gamblers, for example, often blame horses for losing money, when they only lost a race.
Surprising result #4
Microsoft customers are like horses on a jumps circuit, constantly whipped in case they don't jump the hurdles Microsoft places before them. If you run Windows be prepared to get the blame for anything bad that happens to Windows, like the Conficker worm.
Here at Local Grid we are grateful to the people who wrote Windows; it works for us as well as any other OS we run, and sometimes better. But once we configure a machine we don't expect to be constantly reconfiguring it around any "enhancements" Microsoft makes after we bought it.
As far as we understand, the enhancements to Windows Vista in Service Pack 2 are entirely for Wi-Fi, Blu-ray and other monosyllabic consumer items. Although we don't use those, Microsoft has decided we should, and we have had to block that service pack install because we know an update it contains breaks our machines.
So we are phasing out internet-facing Windows platforms. It's simply not worth the effort to keep Microsoft platforms on the internet any more, given the scope and extent of the problems currently facing that OS, which Microsoft has passed on to its customers. Which means we'll be migrating our blog away from Windows Live. Ah well.
We're scheduling the phase-out of Windows platforms around the demise of the Windows security solution OneCare. Eight months to go; we'll keep you posted.