Slashdot Mirror

← Back to Stories (view on slashdot.org)

Forbes Blasts Latests Windows 7 Patch as Malware

Posted by timothy on from the if-the-president-does-it-is-isn't-illegal dept.

Forbes contributor Jason Evangelho has nothing good to say about a recent Windows 7 patch that's causing a range of trouble for some users. He writes: If you have Windows 7 set to automatically update every Tuesday, it may be to permanently disable that feature. Microsoft has just confirmed that a recent update — specifically KB 3004394 — is causing a range of serious problems and recommends removing it. The first issue that caught my attention, via AMD’s Robert Hallock, is that KB 3004394 blocks the installation or update of graphics drivers such as AMD’s new Catalyst Omega. Nvidia users are also reporting difficulty installing GeForce drivers, though I can’t confirm this personally as my machines are all Windows 8.1. Hallock recommended manually uninstalling the update, advice now echoed officially by Microsoft. More troubles are detailed in the article; on the upside, Microsoft has released a fix.

9 of 230 comments (clear)

  1. Short sighted by DavidRawling · · Score: 5, Insightful

    Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING! Perhaps he will take personal responsibility the next time a patched vulnerability launches a new botnet? Nah, just write inflammatory rubbish, it's easier.

    1. Re:Short sighted by sjames · · Score: 4, Insightful

      That would be terrible advice. Fortunatly, nobody has suggested that. TFA suggested changing the setting to list updates for manual selection, and that's not at all bad advice. Wait a few days to see if people are screaming about horrible problems with the update, then select them manually.

      That would work even better if MS actually described what the update fixes (so you could decide if it's even relevant) rather than slipping things in.

    2. Re:Short sighted by Anonymous Coward · · Score: 2, Insightful

      (follow up from pevious)

      Also I love that your solution to getting OpenBSD to work on his laptop; is to install OpenBSD and then a virtual machine host, and install windows on top of that.

      So why did you get rid of windows again?

    3. Re:Short sighted by Paradise+Pete · · Score: 5, Insightful

      Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

      How is it that you interpret disabling auto-update as meaning "NEVER PATCH AGAIN"? I took it to mean don't patch until you're confident it's safe to do so. Don't you think that's a more reasonable view?

    4. Re:Short sighted by pepty · · Score: 4, Insightful

      So you haven't updated your OS in three years?

  2. Malware? by SydShamino · · Score: 4, Insightful

    I think calling something "Malware" implies malice, something that's not indicated here as I see it. This is probably a case of incompetence, releasing poorly thought out, poorly written, and/or poorly tested code. Maybe we need a term for that - "bugware". (Or, for the cynics in the audience, we already have a term - "software".)

    --
    It doesn't hurt to be nice.
    1. Re:Malware? by arbiter1 · · Score: 4, Insightful

      Forbes are trying to make things sound worse then it is to get views without any real journalism.

  3. Really bad advice by mseeger · · Score: 4, Insightful

    Several readers have pointed out that disabling automatic Windows Updates is bad advice, and while thatâ(TM)s a fair argument I have to disagree.

    It is really a BAD advice. The average PC user is not an ops person. If an update bricks his PC, he will notice and can get help. If his PC is insecure, he will notice nothing and help (if ever) will be asked for much too late.

    His arguments amount to one thing: avoid changes. Any change is a risk. But so is crossing the street. In the long run, a change-averse strategy will lead to worse results than the occasional botched change (exceptions apply, but those are rare). And the only way for the average user to do changes is to automate them.

  4. Re:the real story by Deathlizard · · Score: 3, Insightful

    the problem that I have with this isn't this particular patch, but the pattern.

    Microsoft over the last 6 months have not had a patch cycle that didn't have major widespread issues with a patch that was eventually recalled. The last time they had problems this bad was sometime around 2002-2003, and back then they claimed that they changed their testing criteria to prevent major patch issues from happening, And it worked for a good while. At least I only had to worry about 1-2 bad patches a year at most.

    This patch botch, however, takes the cake. There is absolutely no way this patch should have been able to pass a competent Q/A test. Every single windows 7 machine that got this patch through our test systems (which is about 100 PC's spread across multiple vendors and OS images) popped up a "you are a conterfeit victim" message within 24 hours of receiving the patch. There is no way they couldn't have run into this unless they are doing short term checks for patch related issues.

    "The Patch Installed without crashing" is Not Good enough Q/A when you are rolling out a patch to millions of potential customers. Someone in MS Q/A Needs to get fired over these issues before it causes more damage (IE: People taking Forbes stupid advice, disabling critical updates and getting infected by some cryptovirus that wipes out all of their company files that could have been prevented by a patch install.)

    --
    In Soviet Russia, Trojan exploits YOU!