Slashdot Mirror

← Back to Stories (view on slashdot.org)

Forbes Blasts Latests Windows 7 Patch as Malware

Posted by timothy on from the if-the-president-does-it-is-isn't-illegal dept.

Forbes contributor Jason Evangelho has nothing good to say about a recent Windows 7 patch that's causing a range of trouble for some users. He writes: If you have Windows 7 set to automatically update every Tuesday, it may be to permanently disable that feature. Microsoft has just confirmed that a recent update — specifically KB 3004394 — is causing a range of serious problems and recommends removing it. The first issue that caught my attention, via AMD’s Robert Hallock, is that KB 3004394 blocks the installation or update of graphics drivers such as AMD’s new Catalyst Omega. Nvidia users are also reporting difficulty installing GeForce drivers, though I can’t confirm this personally as my machines are all Windows 8.1. Hallock recommended manually uninstalling the update, advice now echoed officially by Microsoft. More troubles are detailed in the article; on the upside, Microsoft has released a fix.

23 of 230 comments (clear)

  1. Short sighted by DavidRawling · · Score: 5, Insightful

    Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING! Perhaps he will take personal responsibility the next time a patched vulnerability launches a new botnet? Nah, just write inflammatory rubbish, it's easier.

    1. Re:Short sighted by lucm · · Score: 4, Funny

      THANK YOU! You just opened my eyes! I will immediately get rid of Windows and spend the next 4 weeks getting OpenBSD to somehow work on my laptop.

      --
      lucm, indeed.
    2. Re: Short sighted by nuckfuts · · Score: 5, Informative

      Here's a tip: If updates are pending but you want to shutdown quickly, don't choose Shutdown. Choose Log Off instead. Then, from the logon screen, you can choose either "Install updates and shutdown", or just "Shutdown".

    3. Re: Short sighted by Anonymous Coward · · Score: 4, Informative

      Ah, the great "you don't want to do that" solutions. As a anonymous coward I can finally say: I'm so sick of people like you. If you can't think of a real solution, then just say nothing.

      - You got shot, and need to stop the bleeding. Solution: You don't want to get shot.
      - Windows Vista doesn't update, how to solve it? Solution: You don't want to use Vista, and should upgrade.
      (add your own)

    4. Re:Short sighted by tranquilidad · · Score: 4, Informative

      Though I agree with your sentiment there was an additional patch in the group (KB2553154) that was a security update that conveniently broke ActiveX controls and macros in Excel 2013. It wasn't just one incredibly bad patch.

      I pity the poor vendors and their even poorer customers whose spreadsheets suddenly stopped working on December 10th.

    5. Re:Short sighted by reboot246 · · Score: 3, Informative

      I have my settings adjusted so that Windows tells me about the updates, but I choose when to download and install them. It's best to wait a couple of days after they're released to find out if anybody is having a problem with one of them. Let some other poor sucker get his computer bricked.

    6. Re:Short sighted by sjames · · Score: 4, Insightful

      That would be terrible advice. Fortunatly, nobody has suggested that. TFA suggested changing the setting to list updates for manual selection, and that's not at all bad advice. Wait a few days to see if people are screaming about horrible problems with the update, then select them manually.

      That would work even better if MS actually described what the update fixes (so you could decide if it's even relevant) rather than slipping things in.

    7. Re:Short sighted by GNious · · Score: 3, Funny

      Careful ... you keep this up, and systemd will start to come with its own nVidia driver for the 3D-enabled admin-UI

    8. Re:Short sighted by hairyfeet · · Score: 3, Interesting

      Not to mention I used the supposedly "bad patch" on dozens of systems, Intel and AMD, with both APUs and GPUs...never saw this problem, not once. This leads me to think there was some sort of third party interference, perhaps an AV that is being over aggressive and causing the patch to only be half installed.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    9. Re:Short sighted by Paradise+Pete · · Score: 5, Insightful

      Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

      How is it that you interpret disabling auto-update as meaning "NEVER PATCH AGAIN"? I took it to mean don't patch until you're confident it's safe to do so. Don't you think that's a more reasonable view?

    10. Re: Short sighted by Paradise+Pete · · Score: 5, Funny

      Thank you, nuckfuts.

      Now there's something you don't read every day.

    11. Re:Short sighted by meerling · · Score: 3, Informative

      From the history books I've seen, many written by non-americans, it was pretty clearly stated that if the USA hadn't finally gotten into the war in Europe, Germany would have pretty much steamrolled what was left of western Europe, then turned full forces including it's Luftwaffe on Russia (actually USSR) and overwhelmed them outside of winter. Instead they got beaten back and their forces continually depleted by the Allied forces on the Western Front, leaving the Eastern front vulnerable and less capable, loosing even their initial advances when the lack of supplies and brutal winter devastated their forces.
      Things "might" have gone smoother with the American forces in Europe, but they were also engaged in the Pacific conflict at the same time, and needed the shifting of forces from the ending of the European conflict to bring a conclusion to the Pacific conflict. Of course there are the nukes, but those only ended it quicker and with far less bloodshed than would have happened otherwise, even with the most optimistic forecasts. It just goes to show that fighting a war on multiple fronts is never a good idea.

    12. Re:Short sighted by pepty · · Score: 4, Insightful

      So you haven't updated your OS in three years?

  2. It uninstalled itself... by radish · · Score: 5, Informative

    According to my update history they automatically uninstalled it the next day (via a new update). So the auto updates worked - no drama.

    --

    ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"

  3. Malware? by SydShamino · · Score: 4, Insightful

    I think calling something "Malware" implies malice, something that's not indicated here as I see it. This is probably a case of incompetence, releasing poorly thought out, poorly written, and/or poorly tested code. Maybe we need a term for that - "bugware". (Or, for the cynics in the audience, we already have a term - "software".)

    --
    It doesn't hurt to be nice.
    1. Re:Malware? by arbiter1 · · Score: 4, Insightful

      Forbes are trying to make things sound worse then it is to get views without any real journalism.

  4. Really bad advice by mseeger · · Score: 4, Insightful

    Several readers have pointed out that disabling automatic Windows Updates is bad advice, and while thatâ(TM)s a fair argument I have to disagree.

    It is really a BAD advice. The average PC user is not an ops person. If an update bricks his PC, he will notice and can get help. If his PC is insecure, he will notice nothing and help (if ever) will be asked for much too late.

    His arguments amount to one thing: avoid changes. Any change is a risk. But so is crossing the street. In the long run, a change-averse strategy will lead to worse results than the occasional botched change (exceptions apply, but those are rare). And the only way for the average user to do changes is to automate them.

  5. Did really he say that? by Okian+Warrior · · Score: 4, Informative

    Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

    Did he actually say that?

    Or did he say turn off *automatic* patching?

    It seems reasonable to always be 1 week behind in patching your systems - let someone else be the lightning rod for goofs and mistakes. I know some sysadmins patch "test" systems and try things out to see if the patches break their currently-running code. They don't seem to mind a certain time lag in patching.

  6. Can do this without logging off by iONiUM · · Score: 5, Informative

    While your steps work, you can also just focus on the desktop (by clicking the background, for example), then press ALT+F4. You will then be presented with the shutdown menu which includes the same options you cited, but without the need to log off first.

  7. Not sure if my problem is related by jandrese · · Score: 4, Interesting

    After the patch my box started complaining endlessly that it was not genuine windows, but when I went to activate Windows page it said I was already activated and just told me all of the great benefits of having genuine Windows and that I should install MS Defender.

    It non-activated dialog box wanted me to install some application to double activate it or something? I've had a tough time figuring out exactly what's up with it. The links all point to genuine microsoft.com websites, so it doesn't appear to be malware, but I'll be damned if it's not acting like malware.

    --

    I read the internet for the articles.
  8. Re:the real story by Deathlizard · · Score: 3, Insightful

    the problem that I have with this isn't this particular patch, but the pattern.

    Microsoft over the last 6 months have not had a patch cycle that didn't have major widespread issues with a patch that was eventually recalled. The last time they had problems this bad was sometime around 2002-2003, and back then they claimed that they changed their testing criteria to prevent major patch issues from happening, And it worked for a good while. At least I only had to worry about 1-2 bad patches a year at most.

    This patch botch, however, takes the cake. There is absolutely no way this patch should have been able to pass a competent Q/A test. Every single windows 7 machine that got this patch through our test systems (which is about 100 PC's spread across multiple vendors and OS images) popped up a "you are a conterfeit victim" message within 24 hours of receiving the patch. There is no way they couldn't have run into this unless they are doing short term checks for patch related issues.

    "The Patch Installed without crashing" is Not Good enough Q/A when you are rolling out a patch to millions of potential customers. Someone in MS Q/A Needs to get fired over these issues before it causes more damage (IE: People taking Forbes stupid advice, disabling critical updates and getting infected by some cryptovirus that wipes out all of their company files that could have been prevented by a patch install.)

    --
    In Soviet Russia, Trojan exploits YOU!
  9. Forbes has no standing to complain by 140Mandak262Jamuna · · Score: 3, Interesting

    Forbes faithfully parroted every Gartner study fully bought for by Microsoft, like the Total Cost of Ownership. It claimed Microsoft has reached a "utility" status and it should be considered a "widows-and-orphans" stock. It actively contributed to the culture of lazy CIOs choosing Microsoft because no one got fired for choosing Microsoft. It turned a blind eye to every illegal maneuver by Microsoft. Now, suddenly, it is blasting Microsoft? I think Microsoft is a lesser evil than Forbes.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  10. Layoffs by nateman1352 · · Score: 3

    So Microsoft starts laying off 18,000 employees in several waves starting in July this year. One of the first groups that was hit hard by layoffs was QA (mostly contract workers so they are easy to let go.) Within that, the QA department responsible for testing OS security patches was hit the hardest...

    So now we are having a bunch of problems with botched updates that weren't tested sufficiently, go figure!