By Woody Leonhard
For years I’ve been advising Windows consumers to disable Automatic Updates: Keep Microsoft’s mitts off your machine until you’re darn sure the proffered patches do more good than harm.
I’ve taken a lot of flak for that heretical stance, vilified for intimating that Microsoft’s patching process leaves consumers in the lurch. Bah. Recent events have proved my point conclusively: Windows auto-update is for chumps.
The auto-update process
Take a second right now to check your auto update settings. Click Start, Control Panel, Security Center. Don’t click the Automatic Updates bar at the top — Microsoft has the dialog box rigged to turn on auto-updating if you click around indiscriminately. Instead, click the "Automatic Updates" line at the bottom of the Security Center. Windows shows you an official-looking dialog box — "Help Protect Your PC," it says — with a cheerful good green shield at the top and a naughty bad red shield at the bottom.
If you’re setting up Windows for your Great-Aunt Millicent who frets that playing Solitaire will lock up her PC, go ahead and click "Automatic (recommended)" and resign yourself to your technical co-dependent relationship.
But if you’re even moderately conversant with Windows — certainly if you’re reading this newsletter — check one of the other buttons. I recommend "Notify me but don’t automatically download or install them." That way I have two chances to catch myself before installing everything Microsoft pushes out the Patch Tuesday door.
With auto updates disabled, the next time Microsoft has a "critical" patch that it wants to push onto your machine, a balloon will pop up out of a yellow shield in the system tray, next to the clock at the bottom of the screen. The balloon will ask your permission to download and/or install whatever software Microsoft has on offer. Your job is to refrain from giving that permission until millions of clueless Windows users have an, uh, opportunity to beta test Microsoft’s latest missives.
What happened last month, Part I
Permit me to summarize the Windows Automatic Updates Out-of-Box Experience of the past month, from a consumer’s perspective.
On April 11, 2006 — a Patch Tuesday that will live in infamy — Microsoft released four collections of patches. Two were relatively innocuous, at least for Windows consumers.
One of the patch collections, MS06-016 (917288), “patched” Outlook Express on some PCs so well that OE couldn’t open its address book.