Today Microsoft pulled an Office 2013 UI update for Outlook (KB2817630) from the Windows update servers. The update was meant to improve usability of Outlook 2013, but in certain conditions rendered the Navigation pane in Outlook unusable.
The update KB2817630 applies only to Office 2013 and is unrelated to security bulletin MS13-068, which applies only to Microsoft Office 2007 and 2010, and which we continue to recommend as a high priority security update.
Along with last month’s issue in the Exchange Mail Server with MS13-061, this problem, even though it didn’t occur in a security update, underscores the complexity of our current IT environment. IT administrators at many organizations that we interact with counter this with a 1%, 10%, 100% mechanism, meaning they apply these patches to 1% of the user base on the the first day, 10% on the second day (barring problems) and going for 100% starting on the third day. The ultimate goal is to have security patches distributed to all machines by the fifth day. Product enhancement patches such as KB2817630 are typically on a different, batched schedule.
Nevertheless any failure in patching is impacting our efforts to improve security by frequent updating. Ultimately I believe that reducing the complexity on the desktop and using more online services for our daily needs is the direction that we are headed.
I am interested in hearing from you: were you impacted and how do you schedule security and product enhancements patches?