Is it irresponsible for an organisation to release...

Caute_cautim · ‎08-01-2021

Hi All

In these days is it not irresponsible for any organisation, no matter how big or small to release patches for their solutions, software without having gone through DevOps or a formal test procedure prior to releasing them to the public?

Organisations should never rush to release patches, which potentially could cause damage to existing systems, even if you regime is to never patch for the first seven days. However, one does depend on the honesty of organisations entrusted to develop systems, to ensure they come clean, and follow good practices.

Do we need some form of penalties for such behaviour? Unfortunately, everyone depends on the organisation due to massive discounts for software sales, and they simply get away with it - even if you are Microsoft, you should know far better! Or does that fall under the Consumer act?

Regards

Caute_Cautim

Caute_cautim · ‎08-01-2021

Hi All

This is the article I was referring too:

https://windowsreport.com/bios-update-via-windows-update/

Regards

Caute_cautim

tmekelburg1 · ‎08-03-2021

Yeah, I would consider not testing patches irresponsible but it's also a two way street. Software companies need to test the patches before releasing them and organizations need to test before implementing them into their production environment. However, we can't hold the organizations responsible for patches on systems they can't control, e.g., the recent Akamai outage caused by an update.

@Caute_cautim wrote:

Do we need some form of penalties for such behaviour?

This is a perfect example of why we have Regulations.

Is it irresponsible for an organisation to release patches that are not fit for purpose?