But it's impossible to untangle the cumulative updates for Windows 10, no matter what patch system one uses. Even businesses that rely on WSUS, for example, have only an either-or option: block a specific cumulative update, and thus receive nothing embedded in it, or approve the update and take everything, including past fixes that may have broken Windows or third-party applications compatibility prior.
"Windows 10 puts certain verticals in a very tight place," said Goettl in an interview this month, citing healthcare as an example. Failing to keep a medical device up to date, for instance, voids FDA approval. "But if an update includes five [security] bulletins, and one of those breaks the medical device, you can't apply the whole [cumulative] roll-out, and you've broken that chain."
By that Goettl meant that future security updates would not be able to be applied, not with cumulative updates that included not only the most recent fixes, but all past changes and patches, too.
When combined with another Windows 10 mandate -- the one that requires users to keep their devices up to date on feature and functionality changes, or lose access to security patches -- cumulative updates pose a problem to customers and companies leery of taking Microsoft at its word on the quality of its OS changes and bug fixes.
Goettl predicted that the path from old model to the new system would not only take time but be a rough road. "There are three parties at odds with each other here," he said. "First, there are customers who need to make sure that systems are kept running. Second, there are [third-party] vendors who require approved updates to be applied. Third, there's Microsoft, without a granular [updating] model."
Goettl said he wouldn't be surprised if the tension takes as long as two years to resolve, in part because each party wants its way, in part because Windows 10 won't reach a critical mass, especially in the enterprise, for some time. Customers want flexibility, application vendors want their software to work, and Microsoft wants to drive updating with a take-it-or-leave-it attitude.
"We'll see who [blinks] first," Goettl said.
Sign up for CIO Asia eNewsletters.