Windows OneCare, Automatic Updates, and Automatic Reboots

I've been beta testing Windows OneCare™ Live : "the all-in-one, automatic and self-updating PC care service aimed at helping consumers more easily protect and maintain their PCs to keep them running well."It integrates smoothly with Windows, consolidates firewall, antivirus, backup, and more. It's one of the better designed pieces of software I've used , and it puts the standard Windows security packages (Symantec, McAfee, etc.) to shame. I'm a thrifty consumer (readers of my blog will note my love of free software), and I think the price is very reasonable: the subscription price for up to three computers will be $49.95. If that seems pricey, consider that it does a lot more than the other antivirus packages, does it very well, and covers three computers. They're now in an open Beta period, so you can try it out free here.

I don't know if I'll use it, though. There's one usability flaw that drives me nuts. The system is set up to use a simple Green / Yellow / Red status to indicate the overall "health" of your system. The system is designed to make it simple to keep your computer healthy: get green stay green. Unfortunately, failure to allow Automatic Update to automatically install updates puts you in the Red penalty box, no questions asked. Since I don't enable automatic installation of critical updates, I'm always in violation of the basic assumption of the program - since I'm always ignoring my Red status, the system is a lot less useful as an indication of my system's health.

What possible reason could I have for disabling automatic install of Windows Updates? Well, Windows Updates often cause reboots, and I want to control when my computer reboots. No one should have that right but me. I don't reboot my computer every day; why should I? It takes a while to get all my applications running after a reboot. I'm a developer, so my applications are development environments, databases, web browsers, Virtual PC sessions, Explorer windows, and usually a half finished e-mail and blog post - I have 15 applications running right now with some sort of state. The applications you use in your daily work may be different, but let's agree that it takes some time to get things set up once you reboot. Even if you don't leave your computer running, Hibernation or Standby is much more efficient than shutting down at the end of each work day. Surprise reboots are a serious opponent to productivity since at best they require me to get back to where I was before the reboot, and at worst I lose whatever I was working on before the reboot.1

Update: I just noticed that Windows Updates violates the "Designed for Windows" logo requirements: "If you do require a reboot, you must prompt users and allow them the option of deferring the reboot."

Now, why should critical updates be allowed to reboot my computer without my permission when I'm away from my desk? If you stepped away from your desk for a few minutes and returned to find that a co-worker had unplugged your computer, you'd be upset, right? Why is it okay for Critical Updates to do this?

The party line answer to this question is that critical updates are critical, and must in installed immediately. This sounds good, but ignores the fact that Windows Automatic Update runs once a day at a totally arbitrary time. I know that the time of day is arbitrary, since I selected it when I enabled Auto Update. Automatic Update can only be configured to run at most once per day, and as rarely as once a week. Critical updates should be installed in a timely manner, but it makes no sense to say that Critical Updates must be installed the very second they are downloaded since they may have been downloaded as many as 168 hours after they were released.

So... how should this work? Let's ignore the fact that the OneCare and Windows Update teams may be in different buildings; let's just talk about the optimal user experience. How about this:

  • Automatic Download of Critical Updates is required to stay green. That's no inconvenience to the end user.
  • Uninstalled Critical Updates immediately put me in the Red until I install the update.
  • (Optional Extra Credit) A time delay on either OneCare or in the Auto Update system that allows me to download Critical Updates and have some time to install them manually - maybe a time delay from 1 to 24 hours (defaulted to 18), or a specific time of day (defaulted to 11 AM). If I don't install within that period, they are automatically installed.

What are the arguments against this kind of feature?

  • It's bad for user security
    See my argument above about how the installation schedule is arbitrary, anyways. This may actually improve security by making it painless to participate in Automatic Updates.
  • It's a power-user feature, and they're not our target audience
    There's a simple workarounds if this was the case (make it an advanced setting), but the bigger problem is that the target audience may be too limited. OneCare is too compelling a product to target only novice users - this thing belongs on developer and corporate desktops. I can see an Enterprise server version that helps small IT shops keep a few corporate web, data, and file servers protected, patched, and healthy. Suprise reboots is a deal killer for these markets, and the enterprise desktop and server market has deeper pockets than the family computer market.
  • It's confusing to the novice user
    I don't think so. The experience I described above seems simple - guide the user to enable Automatic Downloads of Critical Updates, but if they choose not to automatically install them, don't put them Red. Turning Red when I have a downloaded but uninstalled Critical Update only makes sense with the Red = Action Required paradigm.

What do you think? Would this make a difference in your purchasing decision?

1 Ironically, the only application on my computer that survives reboots smoothly is Firefox, thanks to the SessionSaver extension. Windows Vista's Restart Manager will provide a mechanism for applications to be notified of reboots so they can save their state and be restarted after the reboot, but applications will have to include code to take advantage of this feature. Vista's supposed to require fewer reboots, too, but the point is that there will still be required reboots and applications that don't handle them well for several years to come.

UPDATE: So I'm not the only person this annoys. See the comments on this post on the Windows OneCare blog.

5 Comments

  • Note: There are registry values and local policy settings that can be used to significantly delay and potentially completely disable automatic reboots that result from the installation of automatic critical update downloads.

  • Hi John - no need to justify to us why you want control over when your machine reboots :-)

  • Ok, I installed this from a WOC cd package purchased from Best Buy. Only took about 10 hours on a 56k modem. Many "wonderfull" problems occurred in this download and install.

    I am not a novice. I consider myself to be somewhat advanced in my knowledge of computers and software. An average home user is going to be frustrated and miserable trying to load the software package. My advice is "DON'T DO IT!". Too many "favors" are done for you and will do you in.

    If you are foolish enough (like me) to buy this product and try to install it, then please make sure you have an image copy of your system before doing it.

    I have already removed it from two of my computers. The third has a bug I am determined to have microsoft fix. The bug is a result of One Care. My copy of windows keeps needing to be activated. Never happened until One Care was installed. My Windows XP on this computer has been registered and activated with Microsoft for three years.

  • I'm using Windows Server Update Services to manage Windows Updates for all machines on my small business network. It's set to install updates each Saturday night. I'm using a GPO to manage update behavior, which admittedly I'm still figuring out, because the GPO options and language are maddeningly tedious to understand. I do have it set to automatically restart machines (remember, Saturday night). So this morning--Sunday morning--I find my server showing "Windows is shutting down," but nothing is actually happening. Had to remotely stop services and then power off the machine. Anyway, I agree with your post, and specifically I find it so stupid that anything would *ever* automatically restart a server.

  • My 1st try at something other than Norton because it came with the Pc and it is driving me crazy. I had several "critical" updates load in the past adn cause my Pc to get "stuck" and I had to unistall all the current updates til I found the one that had a problem.
    Norton had this originally in their internet security a couple of years ago and they corrected their error by allowing you to ignore windows update and thus leaving it upon the "user" to decide how, when, where updates were done. which worked out well for me by just being notified when updates were available and I chose what I wanted and what I didn't want.

    This reminds me of the old microsoft when you had to use their internet explorer not the newer one

Comments have been disabled for this content.