Download the authoritative guide: Cloud Computing 2018: Using the Cloud to Transform Your Business
Microsoft is taking the opportunity presented by the forthcoming Windows 8 release to streamline the Windows Update (WU) process and reduce the frequency of required restarts. But it has also stated unequivocally that it will not open WU as a platform for updating third-party applications.
"When it comes to Windows Update, one of the most discussed topics is the disruptiveness of restarts in the course of automatic updating. And for good reason—restarts can interrupt you right in the middle of something important," Farzana Rahman, group program manager for Microsoft's Windows Update Group, wrote in a blog post Monday.
"The obvious question to ask first is why does the installation of updates even require a restart at all? Ideally, we would like all update installations to happen seamlessly in the background without a restart," Rahman wrote. "But, in reality, there are situations were the installer is not able to update files because they are in use. In these cases, we need to restart your machine to complete the installation. The automatic updating experience thus needs to be able to handle cases where restarts are required."
Since Microsoft can't eliminate restarts entirely from automatic updates, Rahman said it plans to streamline the process in Windows 8 to give users and administrators much more control over how and when restarts happen while still updating on a timely basis.
"The challenge we faced was to find the balance between updating with speed and giving notice to the user for upcoming restarts," Rahman said. "Clearly, updating and securing the PC before vulnerabilities can be exploited is just as important as it ever was. However, we also want to deliver a better experience around handling restarts and avoiding data loss without compromising our goal of timely updating."
Rahman said her team adopted three guiding principles for the user experience with regard to WU in Windows 8:
The automatic updating experience must not be intrusive to users but keep them aware of critical actions. It must minimize restarts and make them more predictable. It must continue to keep the PC and the ecosystem up-to-date and secure in a timely manner.
To that end, one of the first decisions Rahman's team made was that WU in Windows 8 consolidates all restarts, except those required by critical security updates, to once a month. The restart will coincide with the monthly security release, which comes in a single batch on the second Tuesday of every month. Updates that require a restart may be pushed to machines throughout the month, but the actual automatic restart will only occur when the monthly security release comes out.
"There is one exception to the rule to wait for the monthly security release, and that is in the case of critical security update to fix a worm-like vulnerability (for example, a Blaster worm)," Rahman noted. "In that case, WU will not wait, but will go ahead and download, install and restart automatically. But this will happen only when the security threat is dire enough."
Additionally, WU won't use intrusive pop-up notifications or dialogs about pending restarts anymore. Instead, it will notify users of an upcoming automatic restart through a message on the login screen that will persist for three days before the actual restart.
"If after three days, the restart still has not occurred, then WU will automatically restart your PC for you," Rahman said. "In this case, the automatic restart will happen either at the end of the three-day grace period, or, to prevent data loss if WU detects that there are critical applications open at the end of the three-day grace period, it will wait to automatically restart the next time you log in."
Rahman said if you still have applications running in the background, or if there is potentially unsaved work, you will be asked to save your work when you log in and will then receive a warning that the machine will restart in 15 minutes.
Microsoft has also taken into account the fact that restart notifications can be disruptive, especially if they occur while the user is giving an important presentation, playing a game or watching a movie. Rahman said WU detects these states and will delay automatic restarts when it does so.
In the business setting, Rahman said the updating experience for business users will be the same as it is for home users if the IT administrator does not set a policy regarding it. However, IT administrators may choose to set a policy to prevent automatic restart after automatic installs, just as they could in Windows 7. If this policy is set, users will see a message on the log in screen that a restart is needed, but there is no three-day countdown and no automatic restart. The message will persist until the restart occurs.
No Third-Party Updates
Rahman also said that while many users have asked Microsoft to allow WU to update their third-party applications—thus keeping the Windows platform more secure—it is not willing to budge on that point beyond pushing updates to third-party device drivers required by the operating system.
"People clearly find the experience with multiple updaters on the system less than optimal (and we agree!)," Rahman said. "Each application updater gives you a different experience, and you have to remember to go visit each updater to install updates, you never know when or how updaters will run and what they might do, and so on. People would like one updater for the entire system."
"On the other hand, users have also told us that they trust the quality of updates distributed by WU and hence are comfortable with choosing to automatically update their systems. We would not want to do anything that might reduce trust in the system by encouraging people to take on this management task manually and exposing their PCs to potential vulnerabilities for even short times."
Rahman explained that the Windows Logo Program for Hardware carefully vets third-party device, validates the updates and signs them for authentication. She explained that when it comes to applications, the wide variety of delivery mechanisms, installation tools and approaches to updates makes it impossible to push all updates through a similar process.