Security Short Take: Microsoft gets vague on Windows 10 updates

22.07.2015
Windows users who upgrade to Windows 10 take note: You're not going to know much about the automatic security updates Microsoft serves up.

Last week, Microsoft released two updates for devices running the Windows 10 preview build 10240: KB3074663 and KB3074665, with the latter one being announced on Twitter by Gabriel Aul, engineering general manager for Microsoft's OS group. "We're releasing an update package on WU [Windows Update] for PC build 10240 today. It will install automatically or you can check for updates to grab it," Aul tweeted Friday. "It will be described as a security update, but that's just because it's cumulative and includes the last package's security fix."

The first update, KB3074663, was also marked as a security update. "The vulnerability could allow elevation of privilege if the Windows Installer service incorrectly runs custom action scripts," said the accompanying support document. Like its follow-up, KB3074663 also used the phrase, "This update includes non-security-related changes to enhance the functionality of Windows 10 through new features and improvements."

What may disturb long-time Windows users is the lack of information about the contents of KB3074663 and KB3074665; the phrase "includes non-security-related changes to enhance the functionality of Windows 10 through new features and improvements" could cover a variety changes across wide spectrums of the OS.

Among the issues raised by the shift:

Windows 10 is set to roll out on July 29 and promises to offer a faster update cadence, which could exacerbate concerns about the lack of update information.

With reports by Gregg Keizer at Computerworld.

(www.csoonline.com)

Ken Mingis

Zur Startseite