Is it irresponsible for an organisation to release patches that are not fit for purpose?
These days, is it not irresponsible for any organisation, no matter how big or small, to release patches for their solutions, software without having gone through DevOps or a formal test procedure prior to releasing them to the public?
Organisations should never rush to release patches, which potentially could cause damage to existing systems, even if your regime is to never patch for the first seven days. However, one does depend on the honesty of organisations entrusted to develop systems, to ensure they come clean, and follow good practices.
Do we need some form of penalties for such behaviour? Unfortunately, everyone depends on the organisation due to massive discounts for software sales, and they simply get away with it - even if you are Microsoft, you should know far better! Or does that fall under the Consumer act?
Re: Is it irresponsible for an organisation to release patches that are not fit for purpose?
Yeah, I would consider not testing patches irresponsible, but it's also a two-way street. Software companies need to test the patches before releasing them and organizations need to test before implementing them into their production environment. However, we can't hold the organizations responsible for patches on systems they can't control, e.g., the recent Akamai outage caused by an update.