This is why I don't use the Update module on most of my live sites. I have back ups of all my sites set up locally in a multi-site per core version. I update my core and contribs there first and make sure that things are working. Then I move the code to the live sites.
Yes, this can mean that there are temporary security vulnerabilities. I'll take that risk over the likelihood that something will break if I just upgrade willy-nilly. Plus, having already tested, I know whether or not to follow those instructions.
Oh, and I have also had problems come up by allowing Windoze to update itself.
Nancy Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.
From: Dave Stevens Recently I got an email from my drupal 7.10 site informing me that there was an update available to version 7.12. The link took me to a pink hued page where I was told that it was advisable to correct a security problem by upgrading to 7.12. I am then informed that there is no automated upgrade, but that instructions are available to manually back up files and databases then carry on with a manual upgrade.
I see this as a real issue with the design of Drupal. It is all very well to find vulnerabilities and announce them, with fixes, but if there is no simple, automated way to apply the fixes there will inevitably be a lot of unpatched cms's out there running outdated and known-vulnerable versions of Drupal.
The developers may, for all I know, be working hard on an automated update and patch mechanism. Can anyone tell me if this is the case? Am I doomed to continue manually applying security fixes as long as I persist with Drupal? I dumped Win95 a long time ago and have really no wish to regress this way.