Certainly some of these companies do have decent customer support -- I don't mean to imply that such issues never get resolved.

The trouble is, unless they all have good support, there is a risk involved in having automatic updates that wasn't there before.

What I honestly don't understand after all the discussions here and elsewhere in recent days is why so many people seem to be defending Microsoft's position. If they're worried about security issues not being patched, they could just as well leave updates on by default but optional, so those who know what they're doing can take steps to apply the important patches with proper testing and without risking unwanted side effects, while those who just plug in and go will probably get exactly the same result as they would with compulsory updates anyway.

As far as I can see, there is literally no reason not to do this -- which is basically status quo for most systems today -- unless someone at Microsoft has intentions that mean they would want to push an update that a clued up user/sysadmin would not want to install, which is the only time it makes a significant difference whether or not the updates are mandatory.

You're adorable. :-)

But seriously, the reality is that you have no power whatsoever to compel an organisation the size of say Nvidia or AMD to provide working drivers. Both provide drivers for their gaming cards that are frequently buggy as hell. Even their much more expensive professional workstation cards -- where almost the entire point is the supposedly better drivers, because the hardware is all but identical -- have all kinds of silly driver bugs that have been known to cause anything from screen glitches while using supposedly certified applications to outright system crashes.

Several people have commented in this Slashdot discussion that you can disable the driver updates within Windows update even if you can't disable other parts, though so far I haven't been able to find any official confirmation of that from a Microsoft source. Even if it's true, that in itself says something about Microsoft's awareness of the potential for forced updates to go badly wrong. :-(

There are plenty of previous cases where Windows Update has broken things. That's why a lot of us are so concerned. Been there, done that, spent the next several hours clearing up the mess, on occasion even resorting to physical media because the normal recovery mechanism was sufficiently b0rked that even booting that far wasn't happening.

Severe problems like the ones I was thinking of above? No, to be fair to Microsoft, they have usually fixed those within a day or two. (Drivers are a different question entirely, but as we've determined, those are a different case and not entirely Microsoft's responsibility.)

But minor gremlins that mess something up for people with certain hardware or software combinations? Or updates that aren't really necessary at all, like the Win10 nag messages? I don't see any rush to get those fixed.

In any case, as the financial folks will tell you, past performance is not a reliable indicator of future behaviour. The fact is, if you trust Microsoft to get this stuff fixed and it does turn out that they can't or won't fix whatever issue is affecting you, your business is screwed. What manager or IT group wants to risk their business's ability to trade or potentially their own personal livelihood in that way, entirely unnecessarily? Why would any rational person do that, if they understand the other options available to them?

Once again, the problem isn't just this specific issue, it's the uncontrolled risk associated with allowing anyone to force software changes on a PC you rely on.

And if you think I'm only bitching about this pseudonymously on-line, you're crazy. Every business I work with (and a couple of family and friends who have asked) has been actively making plans to avoid winding up on Windows 10 for a while.

BTW, my comments on this issue are mild compared to a few I've heard when talking to the sysadmins at some of those businesses. The language some of those people used to describe Microsoft's attitude here isn't something you'd repeat in polite company, let's say.

If it was working for whatever it was needed for before the update, and it wasn't after.

The entire point of the concern here is that Microsoft can and have pushed updates that are broken, and they can and have pushed updates that a lot of users didn't want and that had nothing to do with security (like the Windows 10 nag message).

Microsoft's idea of what constitutes an important update that I should definitely deploy and my idea of what constitutes an important update that I should definitely deploy have been diverging significantly for some time. My standard policy now is that I apply security updates, and unless I have a good reason to do otherwise, that is all I deploy.

That policy was a direct result of problems caused by earlier updates, and I think if you ask around you'll find a lot of sysadmins favour a similar strategy. Even if that weren't the case, the likelihood of Microsoft increasingly pushing unwanted changes that are in their own interest more than their users' seems high given their disclosed strategic plans and business model going forward.

Not nearly as much as the haters assert.

If you are moving directly away, a solar sail would be more efficient.

It's a radio transmitter feeding a closed waveguide. One has to ask: why haven't we seen evidence of radio transmission providing thrust before, when it's been feeding an open waveguide?

Extreme claims require extreme evidence. People who have made extreme claims before without much evidence at all are rightly categorized with the boy who cried wolf.

The issue is bigger than that, and this story is just one early example of how forced updates could go wrong (read the summary, and for that matter numerous other discussions on this and other forums since the forced update mechanism became widely known a few days ago).

I'm happy for you that apparently the systems you use are all running Windows Enterprise, and the people who set them up and maintain them have no problem with spending time figuring out which settings to adjust to turn this stuff off. Obviously from the fact that we're having this discussion a lot of people didn't know to turn this off and got stung by it, and as I've noted repeatedly, there are analogous cases that could be just as damaging but which will not have the option to turn them off even in Pro. A lot of people are going to wind up getting hurt by this policy, even if you personally aren't one of them.

You're promoting perpetuating a long-standing, widespread and hugely-damaging user security error in order to avoid a relatively obscure problem which can actually be fixed through purely technical means. Not a win.

What you describe as a problem is actually part of the solution. The problem with classic OpenID was that it was virtually impossible to get, say 1st Bank of MyButt, to use it, because absolutely anyone could be an identity provider. I personally agree with you that classic OpenID was better in that respect, but 1st Bank of MyButt doesn't. They're hemming and hawing about letting Google manage their user's identities, but they will at least consider it.

Heh. Your snark falls rather flat, given how egregiously wrong the parent was.

Putting them in password managers is the right thing to do.

You're wrong. Hilariously so.

The entropy of "thatswhatshesaid" is far lower than 43,608,742,899,428,874,059,776. Randall Munroe calculated correctly in the XKCD comic, of course. He didn't assume that each letter was random, he assumed he was choosing four words at random from a dictionary of a specific size (about 2048 entries == ~11 bits of entropy per word). Your password is clearly not a selection of randomly-chosen words, and even if it were, it would likely have been from a much smaller dictionary.

This highlights the danger of asking users to pick passwords... even those who think they know what they're doing are likely to screw it up. Munroe's advice in 936 was good... but I think it has mislead more people than it has enlightened.

No, it's much better to use a password manager and let a computer pick large random passwords for you.

All true, but in general you can only defer updates for a few months even in Pro with Windows 10, or you lose the security updates as well. That change is actually worse than forcing everything on Home users immediately, IMHO, because it removes control from all the small businesses and power users who actually want/need it.

Spam and malicious e-mails don't cause a problem either, unless your time is valuable, or you value your security or privacy, or you actually click on something in them.

Many of these businesses already did buy the appropriate tool for the job: Windows 7 Pro, or maybe the equivalent in 8 or 8.1.

And now they're about to discover that its successor, Windows 10 Pro, is no longer the appropriate tool for the job.

Do you understand that what's being forced on everyone isn't just security updates?

Of course we can't predict what updates Microsoft will actually force people to install using this feature. However, as it is currently described in everything I've seen, things like the Windows 10 nag screen everyone hates that they pushed out a few weeks ago would be compulsory for everyone in the brave new world.

Ironically, it sounds like the only way to avoid unwanted non-security updates will be to give up on receiving security updates as well, thus having exactly the opposite effect of what you want here.