Slashdot Mirror
Microsoft Botches More Patches In Latest Automatic Update
snydeq writes "'No sooner did Microsoft release the latest round of Black Tuesday patches than screams of agony began sounding all over the Internet,' writes Woody Leonhard, reporting on verified problems with Microsoft Automatic Updates KB 2817630, KB 2810009, KB 2760411, KB 2760588, and KB 2760583. The latest round of MS Auto Update hell comes on the heels of one of the worst runs in MS Patch Tuesday history — and just in time for Microsoft to expand the scope of its automatic update damage. 'Does this make you feel warm and fuzzy about automatic app updates in Windows 8.1?'"
Microsoft just went bukkake on its customers.
It's simple but effective.
Good thing it takes longer than a week to exploit Windows vulnerabilities.
I, personally, have even better install policy: off. The disruption from MS patches exceeds the pain from defects in the OS.
It's OK, these specific bugs are minor... an unexpected UI change in office 2013 and an update to office 2007 that says it's not installed after it has been installed.
I am not sure how this qualifies as a patch disaster. There appears to be nothing wrong with the patch. The issue appears purely to be people that haven't updated their outlook while installing the latest patches lose a folder pane, annoying but hardly a disaster and fixed by updating their machine. The issue is applying a new patch to an out of date version.
I used to have this policy as well, until I went GNU/Linux for 99% of the time. The 1% on Windows I use to play games but it is rare and seeing as Linux is getting more games nowadays I might go 100% soon enough.
That week makes little difference: Windows patches come weeks after the vulnerabilities are beeing exploited.
Linux user here. No real comment, just enjoying the show.
Do you pay for this operating system?
It's shit like this that forces me to turn off automatic updates and wait a month before manually applying updates. And it's not just a Microsoft problem - I have also seen similar issues from Apple and Canonical.
Ditto for home - the only Windows box left in the house is a VM on my MacBook Pro, which doesn't have network access to the outside world.
Now at work? It depends on the box, where it sits (inside, DMZ, etc), what it does, and how badly the patch is needed. Snapshot/backup-before-patching is a *must*. Takes work to triage it all, but well worth the effort, all things considered.
Quo usque tandem abutere, Nimbus, patientia nostra?
Your virginity is assured. Rest at ease.
Your virginity is assured. Rest at ease.
I've always wondered why folks think so highly of the mating game. After years of married life and kids I'm miserable, while the friend of mine who remained single and mostly dateless is now the happiest guy I know.
Rest uneasily, divorce court is rape.
I am not sure how this qualifies as a patch disaster. There appears to be nothing wrong with the patch. The issue appears purely to be people that haven't updated their outlook while installing the latest patches lose a folder pane, annoying but hardly a disaster and fixed by updating their machine. The issue is applying a new patch to an out of date version.
This is Slashdot! Thus, this event is the worst thing to happen to mankind EVAR. And it is ALL MICROSOFT'S FAULT!!!!!
Are you not entertained?
Yes, because I develop cross platform applications, but I run it in a VM on Linux too, so I just restored the MS OS partition from snapshot. If you don't have a separate partition for /home/, or if you you let Windows touch bare metal, you're going to have a bad time. Always use protection.
Unvirtualized proprietary software? Not even once.
The price is reduced due to
NSA subsidies.
an unexpected UI change in office 2013
Did they backtrack on ribbon too? Well it's about time.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
You chose your mate .... poorly. Its like you bought a discount pentium I computer with 8 megs ram and are complaining that all computers suck. No, they don't you just suck at the selection process.
Windows user here. Have never had an issue from a patch and definitely glad I paid for Win7. Quite nice being able to play games that are fun. For everything else that can be done on Linux, why bother?
Given all the backward compatibility for legacy items and new OS items, how long can it go before it becomes virtually impossible to maintain reliable code?
NEVER trust the odd numbers. The even number patch releases are where they fix the problems with the odd number patch releases.
Basically, Microsoft is dealing with multiple Operating Systems for which no complete design document exists. For any of them. Microsoft is highly departmentalized and, in consequence, it is impossible for Microsoft to compile a single design for the entire system. They simply don't have the structure.
This is not necessarily a bad thing - things tend to be worse when unrelated subsystems start making assumptions about internal design that they shouldn't. It simply means the Windows environment is now too big for a corporation to manage. Microsoft has exceeded its maximum stable size, and has done for some time. (Based on quality of products, I'd say somewhere around the DOS 4.0 level, but that would be mean. Accurate but mean.)
The only reason I use MS products at all is that application developers go out of their way to be burdensome to non-MS users. Wine has a terrible time with many Windows applications and that's about the only way to run them at all. I would truly love developers to push platform-specifics into a library. It can be done. They can then either write libraries for other OS' or provide the API to that library so that others can write a porting library. It's not like it would hurt sales and it won't affect the game because it's purely a support module.
But, no, game companies and solo writers prefer their 1970s approach to coding - damn the portability, even if all OS' are 99.5% the same, and damn the sales, we want absolute totalitarian power! Bwahahahahahahahaha! Even if it'll eventually kill the product and the company. Who cares, when you're rich, powerful and utterly FUBAR!
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
It's free, it's fast, it's open, it's reliable, and it's not back-doored by the NSA?
+1 Just enjoy the great games on good gpu drivers on fast gpu hardware.
For other roles it seems to be a stressful OS choice.
Domestic spying is now "Benign Information Gathering"
The story where MSFT pulled some of the patches?
http://www.informationweek.com/security/management/microsoft-pulls-exchange-server-security/240160034
Yeah, your *three* computers may not have been affected. But lots were.
There are two types of people in the world: Those who crave closure
You forgot the unwritten (until just now) rule that all analogies on Slashdot must be car analogies. This is like if he bought a Jaguar that he thought was going to be a fun, sexy ride, but instead is terribly high maintenance and broken most of the time.
-- Sent from a computer.
Restoring domain controllers from images is a dangerous game. Nothing like'a'split brain AD network to make your day.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Plus I can use my computer and all its hardware for just about anything I want without having to worry about support for any of my devices. In addition, I do not have to debug the problems that occur. BTW - I can guarantee that the NSA is thoroughly familiar with open source operating systems and can get them to do anything they want.
Ubuntu != Linux.
And "Debian testing" is called "testing" for a reason. See if you can figure out what that is.
Il n'y a pas de Planet B.
Have you used a Debian based system? Dude, step into this millennium.
Did you used to write propaganda for the Nazis? Give the rhetoric a rest and just report the facts, please.
Comment of the year
Macs are for fags.
So how many do you own?
Use another distro, obviously you're doing something wrong and it's all your fault, you must have a weird configuration nobody else in the universe has, well it's open source you can go fix the updates yourself, maybe you're just not smart enough to run a sophisticated OS like Linux, etc etc etc etc.
Just going through the litany of replies you'll get to save some time.
Comment of the year
See this blog post:
http://blogs.technet.com/b/office_sustained_engineering/archive/2013/09/11/outlook-folder-pane-disappears-after-installing-september-2013-public-update.aspx
Yes, I run Debian stable now for that very reason. I realized after I posted that it was rather dumb to compare security updates to program updates. With that said, I'm not sure how I am supposed to take your comment Ubuntu!=Linux. How is that addressing anything that I have said? I'm not trying to bash any distribution in particular, I like apt, I think it's the best packaging system out there in the Linux world right now, and I like Debian. However, I just wanted to point out that the update process on Windows is often a lot smoother than what most people on desktop-oriented Linux distributions experience. On Windows, you update most of your programs by hand, but hardly anything at all ever breaks. On Linux, everything is automated, but if your distribution releases anything more than security patches, chances are high you're going to see some breakage which may not be fixed until the next major release. Good luck fixing what just broke.
Macs are for fags.
So how many do you own?
Hey, have some respect for Microsoft support, you insensitive clod!
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
By "enjoying the show", do you mean feverishly working through dependency hell to try to make updates work at all on your *nix system?
It isn't 1998 any more. Why do you use 1998 arguments?
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
About the only way I can see you safely making a backup image before applying updates to an AD domain controller is to make the image, then download the updates, and then most importantly disconnect the DC from the network, or at least sever all links from any other DCs in the forest before applying the updates. That way if things do go south you can always restore the backup without having mucked up the rest of the forest.
I've done it on my forest, but each network segment is connected by a VPN or VLAN and there is only one DC per segment, so it would be relatively easy to segregate a DC during updates. Having more than one DC in the same AD site on the same segment would be a pain.
The world's burning. Moped Jesus spotted on I50. Details at 11.
True. I recently went through a bunch of Debian upgrades from 6 to 7, and this happened to one server. Unfortunately, it was one of the few physical servers on the list, which meant I had to haul my ass down to the data centre, early hours of the morning, to fix it at the console.
Serves me right for ignoring the grub update warning while doing the update. A simple "grub-install /dev/sda", when the update process is finished, would have made sure that all was OK. Also, this can be fixed by booting the Debian 7 install CD, and running through the rescue menu. No need for a live CD or such.
Still, it's a shame that this one got through the testing process, especially for such a crucial bit of the system. Very unusual for Debian.
we have a tool from quickbooks that does a thorough uninstall/reinstall, and i mean rigorous should work. pm me and ill try to get it to you.
weeks? YEARS in some cases.
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
Let's address those point-by-point.
So out of your list, the only valid point is "free". And perhaps applications, depending on if you need to use an app which is Linux-specific. But otherwise it's not a compelling argument you just made. And hey, if you have no need of applications which run on Windows and want to take advantage of the Linux price point (or just prefer the OS), God bless you. But Linux advocates also need to cut it out with this superiority complex nonsense. Linux and Windows are both perfectly serviceable operating systems which may or may not be superior depending on your needs. Saying one is inherently better than the other is asinine.
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
Relax dude - you sound like you smoked your corn flakes by mistake this morning.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Nah, I can understand the guy. No matter how wonderful the person you choose, sometimes you just want them to go away so you can be alone. That's difficult when you're married.
That's like saying 'Windows is absurdly unmaintainable if you start randomly deleting system files you don't think you need'.
Except for the part where pretty much everyone's third party applications on Windows add a single uninstall entry in the standard place in Control Panel and can be removed with two clicks from that standard screen, you mean?
Also, if you start deleting random system files you don't think you'll need on any recent version of Windows, firstly you'll find yourself interrupted by various security measures, and secondly various recovery tools would rapidly restore your system to working order. It's 2013, not 1995.
BTW, maybe you could explain how to fix my old XP machine
Would you also like help getting Debian Potato running on your i7?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
If you're seeing problems almost every month, you should investigate your systems for malware and/or hardware failures. That simply isn't normal. MS aren't perfect, but their QA for automatic updates is way better than most large software companies, and seeing failures as often as you describe is highly unlikely without some other factor causing problems.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Really?
What about that little update to the openSSL that caused Debian deriviants to only have 32.000 possible keys (http://queue.acm.org/detail.cfm?id=2508864)? NSA has their grubby little fingers in everything, who cares that it's open source, if it's unreadable?
PHK has a nice post about this also:
http://www.version2.dk/blog/nsas-gennembrud-eller-noget-53787
It's in Danish, but scroll down a bit for an example of openSSL source code, having it in binary would only make it slightly less readable...
"causes the folder pane in Outlook 2013 to disappear."
That sounds like a major headache to me. And considering the article only states the ill-effects of one of the patches, how do you know that the other patch effects are minor?
The cowards post is not informative is it stupid mods, MS employees with mod points?
Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
Just in case you were worried about Windows updates, the defective patches are for Office 2007 and Office 2013. From the article:
Visit the
Does metasploit have a module for the ribbon backtrack?
don't forget to keep a spare live CD handy in case your system becomes unbootable
I'd say being prepared for an unbootable system is a fairly normal part of preparing for a major version upgrade.
I'd also say that a major version upgrade is a very different thing from installing security updates.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register