It’s been long enough since I started using Windows Vista that I’d forgotten the usual pattern of Windows Update postings on a typical “Patch Tuesday” (the first Tuesday of each month is when Microsoft releases all in-cycle security updates, plus a monthly reworking of the Windows Malicious Software Removal Tool and the Office Outlook Junk Email Filter) early in the OS lifecycle. This morning’s updates came as a pleasant surprise (though I did have to turn off the 31 language packs that always show up early in each lifecycle).
Even more pleasantly surprising, a quick look at my complete update history so far shows only seven “real Windows updates” amidst a list of 34 total items — most of the others are Office related, though some driver updates (my Nvidia GeForce GTX 275, Dell 968 AIO printer, and built-in RealTek GbE interface), Windows Defender definitions (no longer used on my machine), and a few other odds’n’ends also appear.
Of course, it can’t stay this way for too long, and only time will tell if the relative incidence of security updates is lesser or greater than Vista at the same times in their relative lifecycles. At this point, however, the relative lack of clutter is exhilarating (though the number of MS Office 2007 updates portends what we’re likely to see for Windows 7 in a couple of years). With only the Silverlight update (KB 974331) counting as a real security update for Windows 7 Patch Tuesday activity so far, and a couple of IE 8 updates in the mix, we haven’t really seen a significant vulnerability in Windows 7 to date. Alas, history also teaches that it’s just a matter of time before Windows 7 adds more security updates as it also becomes a more regular target for exploits, and a more intense focus for the search for vulnerabilities.