Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide

An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

I told you so.

This is exactly why I disabled updates. With all of the crap MS has been trying to forcefully push out after Malware 10 was released, you're safer without them.

Re:I told you so.

[bondsbw]

I told you so.

Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?

Re:I told you so.

I have been saying that automatic updates were stupid for years for this reason. Now that Microsoft is forcing them, well, good luck with that.

Just wait until Microsoft gets their update servers pwned and they start silently making bots out of all Malware 10 PCs.

Re:I told you so.

Or when someone sticks a payload into an update and distributes it to other users since Windows 10 by default will send and accept updates to and from ANY OTHER Windows 10 PC on the internet.

Re:I told you so.

[bondsbw]

Don't those have signature checking?

Re:I told you so.

And?

Re:I told you so.

[sexconker]

The updates are signed, but the metadata is not.
But shit from the metadata can be executed.

http://www.contextis.com/media...

Configuring SSL for WSUS (NOT the default, and NOT as simple as it should be) mitigates this by protecting the metadata from simple MITM attacks.

Re:I told you so.

[Ol+Olsoc]

I told you so.

Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?

Well, I don't know that the individual expressly posted that a suspicious update would happen, but unless Microsoft does something it has never ever done before, one of these days, an update that few have any option to do than let it happen, will create a huge mess.

Because unless you only use office, Microsoft updates constantly break things.

Re:I told you so.

As far as I am concerned from now on, every statement from M$ is potentially a lie, and ANY OS or program from M$ is potentially full of NSA backdoors and spyware, as well as the ever-present bugs. As far as anyone knows every M$ product all the way back to the first version of DOS was/is infested the same way!

M$, you are forever wiped from my computers and out of my life!!!

Re:I told you so.

[mjm1231]

Because unless you only use office, Microsoft updates constantly break things.

Why would only using Office help? Office updates break things plenty often in my experience.

Re:I told you so.

I was given to understand that you can easily defeat Microsoft's forcing of updates by configuring your internet connection as "monitored." That tells Microsoft that you pay per byte, and as such Microsoft won't automatically hit the internet, including not automatically downloading updates. You can then manually get the updates on your own schedule.

I am not using Win10 so I don't actually know if this works, though. Obviously, Microsoft isn't going to promulgate this option, since they don't want people using it unless they actually need to.

Re:I told you so.

[Coren22]

What do you have against cows? Was your mother a cow?

Re:I told you so.

cowards generally do cowardly things like skipping.

Re:I told you so.

They started pusing telementry and other crap to Windows 7 and 8 before Windows 10 was released.

But yes its time to ditch windows updates and have done so too now. It is far too hostile than a good software firewall and ad/tracking blocker with your browser, etc.

Re: I told you so.

+1

Re:I told you so.

You can only set wifi connections as metered. The instant you jump on any other wifi network, all updates get pushed through.

Ethernet connections cannot be set as metered.

Fuck that noise.

Re:I told you so.

[dbIII]

Well, I don't know that the individual expressly posted that a suspicious update

I've had the opposite sort of "suspicious update" on a couple of machines - one that suspects it's not a real copy of windows so that you have to repeat product activation, then roll back updates and do a whole lot of new updates.
How many times do you want to reboot today?

Re:I told you so.

[Ol+Olsoc]

Well, I don't know that the individual expressly posted that a suspicious update

I've had the opposite sort of "suspicious update" on a couple of machines - one that suspects it's not a real copy of windows so that you have to repeat product activation, then roll back updates and do a whole lot of new updates. How many times do you want to reboot today?

From what I've been told, it was an update that started that mess.

Re:I told you so.

[david_thornley]

What do you mean by "from now on"? Were you ever under the impression that Microsoft was completely truthful, or completely free of government spyware? Microsoft is a large publicly held corporation, and as such can't be completely trusted.

As far as the first Microsoft OS goes, I'd be astonished to find there was government spyware. Personal computers then were almost never hooked up to any sort of network, and they weren't considered really important.

Re:I told you so.

[Ol+Olsoc]

Because unless you only use office, Microsoft updates constantly break things.

Why would only using Office help? Office updates break things plenty often in my experience.

I probably should have said "simple stuff" as I haven't touched MS Office since the ribbon, except for PowerPoint. My bad.

Be suspicous of every update, period

It's not a good idea just to blanket trust updates as soon as they come out. How many times have we seen MS Patches break stuff. Always test first and then roll out.

Re:Be suspicous of every update, period

Yep. If you've ever played Deus Ex: Human Revolution, you'll remember the part where everyone's biochip starts "malfunctioning" (in reality it was directed interference to give the illusion of malfunction) and everyone immediately runs to LIMB clinics to get a "fixed" biochip from a single company. Later on, the "fixed" biochips are used to turn everyone into crazed zombie cyborgs.

Blindly installing updates as soon as they come out or, in the case of Windows 10, having them silently forced upon you is incredibly stupid.

Re:Be suspicous of every update, period

[Gr8Apes]

If this continues, I wouldn't do real work on [windows] ever again.

So this time didn't do it for you? There has to be another time? Given Win7+'s mod to auto install fixes deemed by MS to be critical, I think that time was at least years ago. Even IBM jumped ship.

Re:Be suspicous of every update, period

[flacco]

> now

lol

Re:Be suspicous of every update, period

Yep. If you've ever played Deus Ex: Human Revolution, you'll remember the part where everyone's biochip starts "malfunctioning" (in reality it was directed interference to give the illusion of malfunction) and everyone immediately runs to LIMB clinics to get a "fixed" biochip from a single company. Later on, the "fixed" biochips are used to turn everyone into crazed zombie cyborgs.

You forgot the part where the player character, Adam, can choose to either update along with everyone else or wait. If you update along with everyone else, your blind trust gets used against you later in a boss fight, punishing you for not being skeptical in a game about conspiracy theories and illuminati-type plots.

Re:Be suspicous of every update, period

You forgot the part where the player character, Adam, can choose to either update along with everyone else or wait. If you update along with everyone else, your blind trust gets used against you later in a boss fight, punishing you for not being skeptical in a game about conspiracy theories and illuminati-type plots.

Human Revolution wasn't really about conspiracy theories or the Illuminati. You're thinking of the original game.

Re:Be suspicous of every update, period

Later on, the "fixed" biochips are used to turn everyone into crazed zombie cyborgs.

spoiler alert!

Re:Be suspicous of every update, period

The game came out in 2011. Everyone who was interested has already played it.

Re:Be suspicous of every update, period

You forgot the part where the player character, Adam, can choose to either update along with everyone else or wait. If you update along with everyone else, your blind trust gets used against you later in a boss fight, punishing you for not being skeptical in a game about conspiracy theories and illuminati-type plots.

Human Revolution wasn't really about conspiracy theories or the Illuminati. You're thinking of the original game.

lots of spoilers ahead! The game's old enough now that I don't feel bad writing all this out, but if anyone actually cares about spoilers, this is your warning.

It wasn't just the original Deus Ex. DX:HR had plenty of Illuminati involvement, in fact more than the original DX, because the original game was as much about ex-Illuminati members, like Bob Page taking over Majestic 12 and then taking over and efefctively replacing the Illuminati. In DX, the Illuminati was just a shell of its fabled past glory; a handful of old-timers that resented the takeover, to the point that JC Denton even got help from one of the members as part of the Illuminati/MJ12 power struggle.

Examples:

* The Illuminati was behind the scenes trying to sway public opinion, even to the point of orchestrating riots. For example, outside the Detorit LIMB clinic, there's a sniper rifle, ammunition, and a data device on top of the gas station. The lore dump indicates that a person was hired to fire on the crowd to incite it if it didn't escalate on its own.

* Picus, the TV network with non-stop news dump, was controlled by them as well and actively "tweaking" the news reports in a very extreme manner to sway public opinion. When Sarif refused to be part of the illuminati game, every story Picus ran was slanted against Sarif while practically worshipping the Hong Kong tech company (Tai Yong Medical, whose CEO was Illuminati and also the one that was responsible for the zombie biochip implants the original AC mentioned).

If you sweep the Picus HQ building thoroughly for PC emails and the data pads, you get a fairly in-depth view of just how much history rewriting was going on, including manufacturing fake video footage. A few of them even made connections to Illuminati characters from the original game.

* Oh, and there was secret underground base with the giant evil hand statue (an MJ12 logo, because they were still part of the Illuminati at that point) in the basement of the Picus building. That's where you found the video editing and other examples of them outright falsifying the news. It started out suspicious in Picus HQ and then became outright damning by the time you ransacked the lair.

* The attack on Sarif was industrial espionage covered by an anti-aug riot. That's what kicked off the whole thing, because then the cops tried to hide the evidence under orders of a government agent (Joseph Manderley, from the original Deus Ex) that was involved with the same powerful people mentioned above.

* Speaking of government, there was also the FEMA internment camp that was also being rented out to the illuminati types, showing that the government was practically under their full control already.

* You also had Belltower and Tai Yong practically replacing government in the Hong Kong section of the game, with private mercenaries walking the streets like a police force.

* The whole bit with the biochips was Illuminati-related. They caused the interference, used the World Health Organization (also under their control) to issue a suggestion for everyone to get "upgraded" to Tai Yong tech (TYM being an Illuminati-aligned corporation), and the TYM CEO, Zhao Yun Ru, even uses the biochip control to short circuit the player character in an attempt to kill him when he learns too much and goes after her.

* Oh, and the anti-augmentation speaker, William Taggart, was even Illuminati. He was part of the whole "swaying public opinion" thing, and they used his influence to incite anti-aug riots.

Re:Be suspicous of every update, period

DXHR was more like companies and politicians colliding. There were no real top secret areas like Area 51, it was all corporate property and hired mercenaries.

The original game actually predicted some things that have really come to pass. I just recently played through it again and it's hard to believe how much they got right about the future.

Re:Be suspicous of every update, period

DXHR was more like companies and politicians colliding. There were no real top secret areas like Area 51, it was all corporate property and hired mercenaries.

It was still Illuminati stuff, especially if you followed the in-game lore dumps that you found on PCs and the data pad things throughout. Picus was being run by MJ12 (which was under the Illuminati), and you learned about the Illuminati / government / business ties through the lore dumps and MJ12 imagery and whatnot.

I think the focus on business, government, and media collusion was just a sign of the times. We already see the sort of big business + government + media collusion every day, so it makes sense from a storytelling standpoint to take something people see in real life and use it to tie together the Illuminati "world rule behind the scenes" concept. Of course, even that has precedent in the original Deus Ex, like the Illuminati leader being implied to be from the De Beers diamond cartel. It makes sense to have powerful businessmen and women be the ones with the resources to pull the strings behind the scenes.

For what it's worth, though, it helps to have played it more than once; I recently played through again (which is why I remember so much of it) and noticed a lot of bits of info in emails and such early on that referenced things that came into play later in the game and tied the Illuminati stuff and disparate parts together. On the first play, I completely missed much of it because, by the time I got to the later parts, I didn't notice repeated names and the like. It made a lot of the machinations seem more plausible, up until the idiotic swerve at the end.

Point is, it was still there in large quantities in DX:HR. In fact, much of it expanded on the Illuminati lore from the original game.

The original game actually predicted some things that have really come to pass. I just recently played through it again and it's hard to believe how much they got right about the future.

That's what made the original game stand out. The storyline was largely rooted in existing conspiracy theories and real trends (political, media, business) at the time, so it made everything seem that much more believable.

Some of it was a fluke, though, like the NYC skyline at the start not having the twin towers. They duplicated half of the skyline for memory saving purposes and, when people questioned the lack of twin towers, the developers lampshaded it as "terrorist attacks, like the statue of liberty". Then later, it really happened.

You see some of that still with DX:HR, but a lot of it was background lore, and it was easy to lose sight of that when faced with the absurd twist of the last level, which overshadows the more plausible parts of the story and background, unfortunately.

Of course, I had the same problem with the original Deus Ex. For as much as I loved the game (it's probably my favorite video game), the last stage and ending was absurd and something of a letdown, at least in terms of story. The level design itself was mostly fine (same with DX:HR, actually), but really, the final level and ending was the low point of both games IMO.

Re:Be suspicous of every update, period

They duplicated half of the skyline for memory saving purposes

According to Warren Spector himself, it wasn't even that. The artist responsible simply left out the world trade center buildings. There is no reason they couldn't have used a second texture and mesh, so the memory limit thing was BS.

It was a test update

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

Re:It was a test update

You trust ZDNet? Aren't they the ones who tried to justify and cover for Windows 10 spyware and built-in advertising?

Re:It was a test update

You trust Arstech? (hint: right there in TFA): "We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

Re:It was a test update

I trust some of Ars. Peter Bright is a moron and known MS shill, so I don't read his garbage. Also, the Ars article says:

We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

Only an idiot wouldn't think this is suspicious. Nice of you to omit that very important part, shill.

Every time Microsoft fucks something up, ZDNet is right there to paint a rosy picture where everything is perfectly fine and Microsoft is the best company in the world.

Re:It was a test update

ZDNet was responsible for the one and only positive mainstream source of computer knowledge when they gave us ZDTV (which gradually degenerated and changed hands until it got replaced on my network, at least, by the 24-hour-hipster-chris-hardwick channel). But when it was fully ZDTV, it was the best channel ever on cable.

They didn't spread FUD about Microsoft, but they gladly explained how to set up your own linux box and route your own network traffic with it.

Re:It was a test update

How times have changed. ZDNet only wants to appease Microsoft and their other advertisers these days.

Re:It was a test update

[Zero__Kelvin]

Does anyone seriously believe that if their servers have been compromised that they would be honest and admit it? With the Windows 10 debacle on everyone's mind it is highly likely that someone compromised their servers to prove a point that their claim that everyone's data is safe in their hands is bullshit. It really doesn't matter, because even if their claim is 100% honest it amounts to this: Microsoft cannot be trusted. Period.

What is that you say? Never ascribe to malice that which can be explained by incompetence? Oh, I totally agree, with the exception that I would say "as a rule" rather than never. The problem is it doesn't matter if you can't trust them because they are malicious, or you can't trust them because they have proved their incompetence. Either way, they have now proved beyond a shadow of a doubt that they must not be trusted, because they are definitely and provably not trustworthy. We can all speculate as to why nobody should trust them, but no reasonable person would assert, as of today, that they should be trusted.

Re:It was a test update

It does not matter if MS can be "trsuted".

Our choice is whether we are better of with the existing vulnerabilites and shortcomings in the shipped version, or having them fixed but with other issues.
That is the choice we had until Windows 10.

And no, Linux is not an option.

Re:It was a test update

[Zero__Kelvin]

" Linux is not an option"

For 99% of the people using computers Linux is absolutely an option. Indeed, for those same 99% it is likely the best option.

Re:It was a test update

[david_thornley]

For people who use their computers to do email, web surfing, light word processing, and casual games, a friendly Linux distro (Mint?) is the best option. There's a lot of those, but hardly 99% of the market. Lots of people have more specific software they use, which doesn't run on Linux, doesn't easily run under WINE, and doesn't have a drop-in Linux equivalent. For them, Linux is not an option.

Re:It was a test update

[Zero__Kelvin]

First of all, 90 percent of people use their computers for email, web surfing, and (light?) word processing, both at home and in the office, with the exception that I'll add spreadsheet based tasks, which again is available and works great on Linux. WINE is right out. I don't care about WINE. Assume it doesn't exist for the purposes of our discussion, as I don't need it to win the point. I'm really not sure why you put the word light in there regarding word processing, actually. As a professional writer I can assure you that Linux is far more powerful than Windows for "heavy" word processing. That leaves 9 percent. Games are a non-issue, as anyone who uses their PC for games is either too cheap to buy a game box, or they can dual boot just for games. They especially don't care if they are running Windows 10 or 7/8/8.1 and they certainly don't care about updates. I'm talking about people who use their computers for serious work or home use. With the exception CAD/CAE and Photoshop (a very small percentage of the population; much less than 9 percent. In fact they are the 1 percenters), give an example of something that Linux doesn't do as well or better than can be done with Windows only applications.

Re: It was a test update

Kelvin I saw you last night in league of legends. Why didn't you speak to me? I called you out.

Re:It was a test update

[david_thornley]

I'm an occasional writer who's not good enough to go pro, but I have looked at some authoring tools, and haven't found any I like better than several terminal windows running vim. (Then again, don't take my word on such tools unless and until I do publish something good.) The kicker is that, if you are expected to send .docx files to Microsoft Word users, you're better off using Microsoft Word itself. Not only is it more likely to be compatible (you'd think it would be a given, but nooooo), but you've got an excuse when it isn't.

Dual booting for games is not something typical gamers are going to do. They're going to run some version of Windows. Nor are they necessarily too cheap to buy a console, since console and PC games are not interchangeable.

As far as serious use goes, you're going to find that lots of people use things like Quicken and TurboTax. Lots more have other programs that don't run on Linux that they use frequently enough and which they're not willing to give up. There's all sorts of things out there, genealogy software, assorted needlework software, model railroad control software, and it mounts up. These people are not going to dual-boot.

These people are also not going to change to Mint without having replacement applications that are fairly close to drop-in, say as close as Firefox, Chrome, and Opera are to IE/Edge. This includes both functionality and ease of use. Further, it includes trust. Lots of people use Quicken because they feel safe with it because lots of people use Quicken. The TurboTax people have actually taken responsibility for their software when they got it wrong. No matter how good GnuCash is, it doesn't look as trustworthy.

Re:It was a test update

[bingoUV]

I'm an occasional writer who's not good enough to go pro, but I have looked at some authoring tools, and haven't found any I like better than several terminal windows running vim.

This book is quite beautiful - produced completely in emacs org mode.

It was even written collaboratively. Export to docx works well enough in emacs org mode using pandoc. There is a discussion here

Re:It was a test update

[Zero__Kelvin]

Your argument is Word, Quicken and Turbotax, etc. don't work on Linux. My argument is who cares. Use real tools. We will have to agree to disagree on this one, perhaps. I never said that people wouldn't have to learn how to do things properly. If you interpreted what I wrote as "People can just switch to Linux and then keep on doing everything the same way, and they'll find the ribbon bar waiting for them" then I believe you misinterpreted what I wrote, but if not then apologies for not being clear. Indeed, a switch to Linux is like switching from McDonald's to cooking healthy foods yourself. At first it seems painful, and is more work, but it isn't long before you wonder how you ever lived so foolishly before.

Re:It was a test update

[david_thornley]

Is it your point that every grandma with a computer needs to learn Emacs? It's a very nice system, but I don't think my mother-in-law would do well with it.

Re:It was a test update

[david_thornley]

Real tools? LibreOffice is, in some respects, inferior to Microsoft Office (particularly with spreadsheets). What do you recommend as replacements for Quicken and TurboTax, bearing in mind that ease of use is an essential feature? Heck, what do you recommend to replace a certain program that interfaces a Windows computer with model railroad controls? (That's tricky stuff, by the way, since the standard's too vague.) There's lots of other programs that somebody's written for Windows and not Linux that certain people find very useful, and they frequently don't have acceptable equivalents on Linux.

If there's software on Linux that does what you want, great. I use my Windows laptop for games, TurboTax, and stuff that I could just as easily do on my Linux box except that that it's upstairs and I'm often downstairs (files shared through Dropbox). I do some CAD stuff at work, which means I need a Windows machine there. My in-laws used to have a GPS unit hooked up in a proprietary manner to a Windows laptop, and that did require Windows. My model railroad friend needs Windows to control his trains. I know someone who uses Windows needlepoint software, and I doubt that's got an equivalent on Linux. If they were to switch, they'd lose functionality that they couldn't replace.

It's the thousands of little applications like that that keep lots of people on Windows (and it takes only one to keep someone on Windows). After all, most people get Windows either because they don't know any better or it's most convenient or to run Windows-compatible software. People who want an audience for their software and don't want to do anything cross-platform typically write Windows-compatible software because of all the people who have Windows. It's a vicious circle, and will not be easily solved.

If you can tell the difference between working in Windows and in Linux, you're better at this than the vast majority of the population.

Re:It was a test update

[Zero__Kelvin]

"If you can tell the difference between working in Windows and in Linux, you're better at this than the vast majority of the population."

If I left you with the impression that I wasn't better at this than the vast majority of the population then I apologize. I chose one example at random to address. Actually it wasn't really a random choice. I chose it because I had no idea what I would find, because I could really want nothing to do with model trains, and had no idea for sure what was out there. Of course the word hacker comes has its roots in model train enthusiast from MIT, but I digress. Here is what I found:
http://wiki.rocrail.net/doku.php
http://www.berros.eu/en/itrain/
http://www.dccwiki.com/DCC_Software
http://lintrain.sourceforge.net/
... and the list goes on. I'm going to say that your friend, like pretty much everyone else I have ever heard claim couldn't do without Windows because there is just nothing available for Linux that can do it, is probably just ignorant. Wouldn't you agree?

Re:It was a test update

[bingoUV]

Since I didn't mention grandma, especially every grandma with a computer, my point is not about every grandma with a computer. Every grandma with a computer doesn't claim to be a writer or an author.

You said YOU have not found a better system than X, I pointed out a system which many people have found "better".

You are welcome.

only a test

[tomhath]

FTFA:

Microsoft said a highly suspicious Windows update that was delivered to customers around the world was the result of a test that wasn't correctly implemented.

They were just checking to see if you really wanted to upgrade to Windows 10

Probably just some fuckery

[jones_supa]

Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.

Re:Probably just some fuckery

[MrLint]

That really only applies when the split between malice and stupidity could land at the same place.

Re:Probably just some fuckery

[sunderland56]

Never attribute to malice that which is adequately explained by stupidity.

You mean that Windows 10 wasn't intended to be patently evil, it's just that Microsoft are idiots?

Re: Probably just some fuckery

Nice excuse, except it's exactly what a person caught being malicious would like you to believe.
You assume we live in a perfect world if you buy that argument.

Re:Probably just some fuckery

[Anonymous+Psychopath]

Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.

What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet, Batman style, just sort of hoping no one would notice? Where's Morgan Freeman when you need him?

Re:Probably just some fuckery

Or.. "the the more obvious, they could just be Patently Evil Idiots"

Re:Probably just some fuckery

No, you're just a tool.

Re: Probably just some fuckery

Yes, because a malicious compromise of a WIndows update server would be so great for Microsoft's already mushy bottom line.

Get a clue. They f'd up. Period. P00p happens.

Re:Probably just some fuckery

What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet

Have you not been paying attention for the past decade or what? Both of those scenarios are equally plausible. Or it could be MS's latest attempt to push everyone into Spyware 10.

Re:Probably just some fuckery

[Ol+Olsoc]

Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.

Does it really matter if it was a mistake or not? If a guy burns down my house accidentally, or he does it on purpose, my house is still burnt down.

That's why mandatory no choice updates and the cloud are really bad ideas. The results of little mistakes can be indistinguishable from criminal intent. Either way, you lose.

I haven't seen the update yet, but people should consider this a close shot across the bow.

Re:Probably just some fuckery

[Ol+Olsoc]

Never attribute to malice that which is adequately explained by stupidity.

You mean that Windows 10 wasn't intended to be patently evil, it's just that Microsoft are idiots?

The sad part, is that after trying out W10, I was pretty excited. Stuff worked, I could do what I needed to do, and find what I needed to find.

But they really screwed the pooch with the telemetry and the no choice updates on everything but Enterprise. My W10 Pro sacrificial computer running Pro only allows me to put them off for a little while, and constantly nags me.

So since I have one last piece of software that requires Windows, my sacrificial computer will run that program and only that program, and I'll do everything else on my OSX and Linux machines.

Gawdammit!, it was a nice OS otherwise. Stupid stupidheads!

Re:Probably just some fuckery

When I tried Windows 10 Pro, not only was I turned off by the massive level of spyware and the integrated ad framework, but also the performance. Windows 10 would stutter every few seconds no matter what action was being performed and simple things seemed laggy. It didn't take me long to decide to rollback the OS.

Windows 10 is the worst version of Windows yet.

Re: Probably just some fuckery

They better stop fucking up or someone might just "accidentally" burn down Microsoft's headquarters. You know, because shit happens.

Re: Probably just some fuckery

So what exactly does the test update do for (read as "to") those who applied it?

Re:Probably just some fuckery

[Anonymous+Psychopath]

What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet

Have you not been paying attention for the past decade or what? Both of those scenarios are equally plausible. Or it could be MS's latest attempt to push everyone into Spyware 10.

I'll grant you they're both plausible, but equally plausible? Nope.

Re:Probably just some fuckery

[Enigma2175]

What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet, Batman style, just sort of hoping no one would notice? Where's Morgan Freeman when you need him?

Why would the NSA need to compromise the update servers? They just send a National Security Letter to Microsoft and their backdoor gets put into the OS when it ships, they don't need to slip it into an update.

Re:Probably just some fuckery

Look at the number of unpatched systems out there being turned into botnets and then try saying they should leave it optional with a straight face.

You can't trust people to handle their own security when they will gleefully give out their banking info to that nice guy from nigeria. I don't know of any regular people who will manually patch their programs and OS and all the vendors are going in the direction of automated patching. Just the idea you are avoiding patches that may be fixing critical exploits demonstrates why it is needed.

Re:Probably just some fuckery

Anyone who knows enough to be able to specifically go and disable updates can be trusted to handle it by themselves. I'm not about to risk the integrity of my systems by installing unknown, untested, buggy, spyware filled updates that are worse than the bugs that they try to fix.

Re:Probably just some fuckery

Does it really matter if it was a mistake or not? If a guy burns down my house accidentally, or he does it on purpose, my house is still burnt down.

An accident doesn't necessarily predict future behavior. Malicious intent does predict future behavior with greater frequency.

Re:Probably just some fuckery

Microsoft is a known participant in the PRISM program. It's equally as plausible.

Re:Probably just some fuckery

Someone who is accident prone to that degree certainly doesn't deserve trust.

Re:Probably just some fuckery

[gstoddart]

The problem is, from the perspective of trying to cram Windows 10 up our asses ... there's been an awful lot of what is best called malice.

Microsoft plans on applying this upgrade whether you like it or not, and in a lot of cases, is going to remove your control over subsequent updates ... your computer apparently belongs to them.

So, are you suggesting we have stupid malicious assholes who are incompetently pushing out test updates in a fucking sea of unwanted updates they're intentionally obfuscating as to what they really are? Because if that's the case, Microsoft has not only jumped the shark, but they've become an incompetent cancer who have decided they don't give a fuck what they do to your computers.

In which case, turn off Windows Update now and be done with them.

If "some Microsoft engineer accidentally published a test update" he should be shot, drawn and quartered, and charged with criminally tampering with the machines of people.

Shit like this is precisely why I have no trust in them for Windows 10 and am not prepared to take it. They didn't buy my fucking computer, I did. And the choice to upgrade is not theirs to make.

Incompetently publishing a test update and treating me like a beta tester? Not fucking happening.

Re:Probably just some fuckery

That's entirely besides the point though.

If an update can be pushed -accidentally- then it means they don't actually have sufficient procedures around the update system to make sure they know exactly what's being pushed out to every single windows user. And when Windows 10 is the standard, that means the updates are delivered and added regardless of the wishes of the computer owner.

So all that's needed is for some hacker group to have the balls to try to get someone hired on by microsoft and push a little update one tuesday.

Re:Probably just some fuckery

No, the fact that Microsoft is pushing patches without user consent demonstrates why every hoop necessary should be jumped through to prevent it.

Re:Probably just some fuckery

Why don't you just stick with Windows 7 for that one app? Security updates will keep coming for 5 more years.

Re:Probably just some fuckery

[Ol+Olsoc]

Why don't you just stick with Windows 7 for that one app? Security updates will keep coming for 5 more years.

For my main computer, which is running W7 via bootcamp, I'll do just that. That sacrificial computer was just a hopeful experiment

Re:Probably just some fuckery

[david_thornley]

An NSL doesn't require them to change code, only to hand over information they've already got or can easily get. The NSA would use other means to pressure Microsoft.

Yeah, a test update...

[TWX]

From the article...

"We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

The explanation came more than 12 hours after people around the world began receiving the software bulletin through the official Windows Update, raising widespread speculation that Microsoft's automatic patching mechanism was broken or, worse, had been compromised to attack end users. Fortunately, now that Microsoft has finally weighed in, that worst-case scenario can be ruled out.

I'm a little leery of the Microsoft claim. Admittedly I am perhaps a bit biased against Microsoft for their having integrated a web browser into their OS kernel such that the OS can be irrevocably compromised through a simple web page, but even without that history, that company is large enough that anyone in public relations to make the, "our bad," announcement might not have any idea what actually happened from a technical point of view. On top of that the formatting of the update doesn't give any clue that it's a test update either, as it appears to make no origin claims (at least by the article's included screen shot) and is simply strange.

Whenever I've done something as a test, I actually note in the comments that it's a damn test. I also note that I put it there. Microsoft might not want to publicly attribute something to a particular developer to intentionally obfuscate the development process from the user, but they still should have used something that identifies it as a test to the average person, and used something to make it clear to them that it's attributed to a specific person.

Re:Yeah, a test update...

On top of that the formatting of the update doesn't give any clue that it's a test update either, as it appears to make no origin claims (at least by the article's included screen shot) and is simply strange.

Well, from the examples given on the forum link, one thing does stand out:

https://hckSLpGtvi.PguhWDz.fuVOl.gov
  https://jNt.JFnFA.Jigf.xnzMQAFnZ.edu
  https://IIKaR.ktBDARxd.plepVV.PGetGeG.lfIYQIHCN.mil

.gov, .edu and .mil addresses are very restricted TLD's. This makes them great for use as 'test' URL because you can be sure they don't exist. After all, TLD's that may be fictional now (.web) might not be in the future (.site).

Re:Yeah, a test update...

[Dracos]

Then why not use hosts on some Microsoft-owned (test) domain?

Re:Yeah, a test update...

[quote]having integrated a web browser into their OS kernel such that the OS can be irrevocably compromised through a simple web page[/quote]

You're a fucking clueless retard. Please stay away from technology as a career.

Re:Yeah, a test update...

[msauve]

...or *.test or *.invalid That's what they're for. Making up domains at random using valid TLDs isn't proper behavior.

Re:Yeah, a test update...

I think your buddies in Call of Duty are waiting for you to rejoin them, junior.

Re:Yeah, a test update...

They seem more like special strings that will trigger memory-monitoring firmware to do something upon spotting the sequence.

+1 for the fact if these get requested, network gear also will be able to witness these special strings, also activating or changing something in the firmware.

Reminds me of the PoC about compromised harddrive firmware that lays idle waiting for the right string to make it to the controller.

Re:Yeah, a test update...

[phantomfive]

Whenever I've done something as a test, I actually note in the comments that it's a damn test. I also note that I put it there.

There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

Re:Yeah, a test update...

[lgw]

".test" is a reserved test domain. There are others, including ".example", and ".invalid". I remember there being a two-letter one (".xy" I think), and a 63-letter one, but I can't find rhe RFC for those.

I've used ".test" for years, both for test URLs and test servers.

Re:Yeah, a test update...

[tlhIngan]

There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

Or more like he's a better programmer than the average programmer. Far too many do stuff like push to production, or edit in production, or just check in a quick "it should work" straight into source control without even compiling it.

Re:Yeah, a test update...

[driblio]

TLS. No firmware will see these strings. Next!

Re: Yeah, a test update...

Lol you use ad hominem attacks on the person but never explain why. You just quote what he said. Do you have any proof otherwise? Because I don't think you do. And it is you who should give up their career as a tech person. You are the clueless one sir.

Re:Yeah, a test update...

[TWX]

There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

Or more like he's a better programmer than the average programmer. Far too many do stuff like push to production, or edit in production, or just check in a quick "it should work" straight into source control without even compiling it.

That is a really scary thought, given how I've evaluated my programming knowledge and experience.

Microsoft looking for new ways to fail

[JoeyRox]

They're apparently not content with only failing miserably in new markets like smartphones - they're now finding ways to destroy their successful businesses as well. They should just sit on their hands and keep collecting their checks.

Re:Microsoft looking for new ways to fail

[Gr8Apes]

But but but... then they're just like a utility, paying dividends and not increasing their paper wealth at those small growth stock rates!!!!

'Test update'

[0123456]

Perhaps it's just me, but on days like this it almost looks like sacking thousands of QA employees might not have been the smartest idea ever.

Re:'Test update'

But the management got their quarterly bonuses for saving some money, so what else really matters? Fuck the customers and share holders, top management can always just jump the sinking ship and continue to destroy next company.

Re:'Test update'

Perhaps it's just me, but on days like this it almost looks like sacking thousands of QA employees might not have been the smartest idea ever.

But Agile(tm)! DevOps(tm)!

Surely you don't think that rigorous staging and testing ("policies and procedures") is appropriate in an Agile(tm) environment in which the only thing that matters is delivering working software! I mean, it passed all the developer's tests, so continuous deployment demands that the developer just SHIP IT!

Re:'Test update'

[0123456]

It does rather sound like that's Microsoft's new model. Ship a new version of Windows 10 every day via mandatory updates, and fix the new problems tomorrow.

Re:'Test update'

[ajzimm3rman]

How many employees does it take to NOT post a test update to a live update server? Apparently thousands...

Typical

just another Microsoft fuckup. Yawn.

Don't panic

[custers]

"Microsoft confirmed Wednesday that a suspicious-looking update pushed out to Windows machines globally in the early hours was nothing more than a test gone errant."

http://www.zdnet.com/article/m...

Re:Don't panic

Convenient how they don't explain WHAT the update was supposed to do or HOW it got pushed out or WHICH steps they are taking to ensure it never happens again.

Bad Summary - Sensationalist

[alzoron]

The summary makes it sound like this is all a mystery and insinuates that Microsoft's update servers may have been compromised, however, the linked articles state that it was simple a mistakenly pushed test patch and nothing nefarious at all.

Re:Bad Summary - Sensationalist

[QuietLagoon]

How long before the problematic "test" updates hit the Windows 10 environment with the forced update "feature". At least with my current Windows 7 environment, I was able to not run Windows Update until I learned of the root problem. With Windows 10, I won't have that option.

Re:Bad Summary - Sensationalist

[Zero__Kelvin]

Welcome to the internet, where the content you point to might not be the same 12 hours later, even though you never changed your pointer.

Non-issue - back to work

[ripvlan]

yeah - turns out to be a mistake. We can delete this post and all conversation after it.

Re:Non-issue - back to work

[PRMan]

Or Microsoft covering for a government install that was caught.

Re:Non-issue - back to work

[hyperar]

Or Microsoft covering for a government install that was caught.

Here, your tinfoil hat just fell off

Re:Non-issue - back to work

Shouldn't you get back to being an unpaid beta tester and providing Microsoft with your every action? Tools don't get time off.

Re:Non-issue - back to work

Dissect the payload to find out.

Re:Non-issue - back to work

[wonkey_monkey]

Slashdot didn't retract or even acknowledge a story that's an outright falsehood, so why would they do anything about this?

Re:Non-issue - back to work

Yeah, a test to see if eveyone falls in to the trap.

Re:Non-issue - back to work

[ripvlan]

Yeah - I had a similar thought later. Maybe MS is coding special features for gov't computers - maybe a honeypot monitoring service to catch hackers.

Or patching a known vulnerability for just Gov computers because the NSA asked it to be left open for the general public.

Then I turned on the TV and stopped thinking.

zd got it

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

NO U TRY TO BE MORE ORIGINAL

The test was a success

[Required+Snark]

It verified that Microsoft hasn't changed a bit, and they are still a bunch of arrogant idiots.

Oh please

[kuzb]

The same article also explains that it was a test update that they released by accident. Human error isn't exactly unbelievable when it comes to computer software. The tinfoil hat jobs are just doing what they always do around here - spreading FUD.

Re:Oh please

Yeah, but inane conspiracy theories are more fun, plus they drive more revenue for Dice.

Re:Oh please

What part of that the story was "updated" didn't you understand? Or that it took time for Microsoft to state it was a test, after the rest of us started being seriously concerned by it?

And no, after the telemetry-dialing-with-no-way-to-turn-off fun, Microsoft is utterly fair game for all concern and criticism. They've earned their FUD, all of their PR-flacks-attempting-spin-control to the contrary.

The tinfoil hat crowd has been right enough of late to warrant more trust than Microsoft, or apparently you, can engender.

Re:Oh please

[Zero__Kelvin]

"The same article also explains that it was a test update that they released by accident."

No. A different article pointed to be the same URL explains that. You should probably learn how the internet works some day if you are going to make snarky comments on Slashdot.

Re:Oh please

[david_thornley]

Okay, how much responsibility did they take? Any? The Ars claim is that Microsoft said it was a test update that accidentally made it out, no further information. That's not much of an explanation. Has Microsoft apologized? Maybe, but I'm not aware of it.

If Microsoft does something positive for people about this incident, tells us what went wrong, and actually apologizes, your comment may become relevant. It isn't now.

IDIOTS!

Many of us have been saying the for over a decade; If you use Windows at ALL. ANY VERSION, you need to turn off all automatic updates, and control them manually, and always have a way to undo it.

Re:IDIOTS!

[JediJorgie]

That is way to much work for personal devices. I have the data I care about on multiple backup drives and I have a Windows install USB drive handy. If an update breaks my system, I can be back up and running in less than a hour from bare metal. The data you care about needs to be backed up anyway, so it would be nothing but a waste of time for me to review all the updates that come out. I set Windows to ask before it reboots, and beyond that, updates are automatic.

Re:IDIOTS!

You know what is a waste of time? When Windows decides to randomly start downloading updates while I'm trying to use my computer and my bandwidth.

Your method is incredibly short sighted and stupid. By the time you notice a rogue update and try to restore from backup, it will be too late. Your data will have been compromised. Stay away from IT work, kid. You'd only get fired for incompetence.

All your OS is belong to China hackers

[WillAffleckUW]

Trust?

Silly rabbit, trust is for naive fools.

So it was just an error with no consequences

[hyperar]

I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories.

Re:So it was just an error with no consequences

As if Windows wouldn't do all of those things if you had updates disabled and cut the network cable.

Re:So it was just an error with no consequences

[Zero__Kelvin]

"I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories."

You make a great point. It was a test update. There is no possibility at all that it would cause any problems. Wait ... why was it a test rather than a release update again?

Re:So it was just an error with no consequences

[hyperar]

"I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories."

You make a great point. It was a test update. There is no possibility at all that it would cause any problems. Wait ... why was it a test rather than a release update again?

I don't know, do you?, but lets give it some thought, shall we?, ok:

1) How many people actually claims that the update break their PC... -> 1.
2) How many people has been exposed to the update... -> Probably millions since it was global.

I think that if this update could cause problems to PCs, we would have heard more people complaining other than that tinfoil hat idiot that makes accusations based on its ignorance and prejudice.

We all know MS is not an angel, but i can't understand why people go as far as to making up stupid stories to harm MS, i mean, they harm themselves, they don't need our help to look stupid.

Re:So it was just an error with no consequences

[Zero__Kelvin]

"1) How many people actually claims that the update break their PC... ->1.
2) How many people has been exposed to the update... -> Probably millions since it was global."

You seem to mistakenly think that all PCs have the same software including versions on them. It is entirely plausible that the people who claim to have had their PCs broken had their PCs broken. Your belief that you have proof, even inferred proof, to the contary, is absurd.

Re:So it was just an error with no consequences

[hyperar]

"1) How many people actually claims that the update break their PC... ->1. 2) How many people has been exposed to the update... -> Probably millions since it was global."

You seem to mistakenly think that all PCs have the same software including versions on them. It is entirely plausible that the people who claim to have had their PCs broken had their PCs broken. Your belief that you have proof, even inferred proof, to the contary, is absurd.

What's absurd is to think that that person had an unique configuration among millions of people. Let's do the following, why don't you gather some evidence other than this idiot claiming his PC died because of a test update?, i don't argue with people with prejudices.

Re:So it was just an error with no consequences

[hyperar]

"1) How many people actually claims that the update break their PC... ->1. 2) How many people has been exposed to the update... -> Probably millions since it was global."

You seem to mistakenly think that all PCs have the same software including versions on them. It is entirely plausible that the people who claim to have had their PCs broken had their PCs broken. Your belief that you have proof, even inferred proof, to the contary, is absurd.

What's absurd is to think that that person had an unique configuration among millions of people. Let's do the following, why don't you gather some evidence other than this idiot claiming his PC died because of a test update?, i don't argue with people with prejudices.

Forgot to mention, this dude claims his LAPTOP died because of the update, good luck finding an unique laptop configuration between millions of people.

Re:So it was just an error with no consequences

[Zero__Kelvin]

"Forgot to mention, this dude claims his LAPTOP died because of the update, good luck finding an unique laptop configuration between millions of people."

Holy shit. You really are clueless, aren't you? Please, prey tell, what makes a laptop fundamentally different from a desktop? For bonus points, prove that you found all the people on the planet that had problems, or claim to have had problems, online. For extra bonus points, prove that most people who had their systems hosed have a second system with which to post to forums from, and bother to post about it in a forum.

Re:So it was just an error with no consequences

[hyperar]

"Forgot to mention, this dude claims his LAPTOP died because of the update, good luck finding an unique laptop configuration between millions of people."

Holy shit. You really are clueless, aren't you? Please, prey tell, what makes a laptop fundamentally different from a desktop? For bonus points, prove that you found all the people on the planet that had problems, or claim to have had problems, online. For extra bonus points, prove that most people who had their systems hosed have a second system with which to post to forums from, and bother to post about it in a forum.

No, not really, you on the other hand, want to prove something without really giving any evidence just because you don't like MS. What makes Laptops different from Desktops?, really, can't you just figure it out yourself, it's pretty obvious. Again. Please, find evidence, then come back to me, i really don't have time to argue with random fanboys on the internet.

Re:So it was just an error with no consequences

[Zero__Kelvin]

As a software developer, hardware engineer and system administrator with more than 20 years of Linux and Windows OS experience I can tell you that the only difference between a laptop and a desktop is the current draw of the hardware and the size and cost of the system. Since your claim is that I am wrong, please do elaborate and expose me as the charlatan you no doubt will claim I am!

Re:So it was just an error with no consequences

[david_thornley]

There's dozens of versions of Windows 10, counting different languages. There's all sorts of applications, and an OS bug could affect only a few of them. It's easy to have a unique software configuration.

There's also hardware configurations. Many people buy low-end laptops, for example, and those tend to be assembled from the cheapest components on the last boat from Taiwan or somewhere that pass the tests. There are millions of laptop hardware configurations out there.

Re:So it was just an error with no consequences

[hyperar]

There's dozens of versions of Windows 10, counting different languages. There's all sorts of applications, and an OS bug could affect only a few of them. It's easy to have a unique software configuration.

There's also hardware configurations. Many people buy low-end laptops, for example, and those tend to be assembled from the cheapest components on the last boat from Taiwan or somewhere that pass the tests. There are millions of laptop hardware configurations out there.

Wasn't this a Windows 7 Update?

Re:So it was just an error with no consequences

[hyperar]

As a software developer, hardware engineer and system administrator with more than 20 years of Linux and Windows OS experience I can tell you that the only difference between a laptop and a desktop is the current draw of the hardware and the size and cost of the system. Since your claim is that I am wrong, please do elaborate and expose me as the charlatan you no doubt will claim I am!

Hahaha, you can't be for real, so, between a desktop that one can put together choosing each part there's no difference to notebook which are sold as is with no chance (other than disk and memory) to be modified, you're telling me that, in the whole world, within the millions of people that recieved the update, there wasn't a single laptop like the one this tinfoil hat idiot had?, i don't care about which games he had installed, i'm talking about system critical components that could have rendered his laptop useless, there wasn't a single one?. Need i remark that the update didn't installed in a single PC?, Need i remark that there wasn't another person claiming that his PC was useless after it (or even having minor problems)?, Need i point out that this paraniod douchebag could be infected previously?.

"My laptop was screwed after the update," the user, ByGodZombie, reported in a comment to this post. "Windows explorer crashes VERY frequently now and most of my programs stopped working even in admin mode. System restore didn't work and I don't have the information I need for a reinstall. Basically whatever it was killed my system and compromised my gear so I wouldn't want to look up anything sensitive to personal data on your machine."

Need i remark that this dude claims that his PC was "compromised" by a Windows update that turned out to be legitimate and not a malware as those who jumped into conclusions to early claimed?. And last but not least: Can you point to a single, well documented problem generated by this update from a respectable source?. NO?, what a surprise, i did not see this coming. P.S.: From the internet-random-dude-making-accusations-without-giving-any-evidence.

I don't have the information I need for a reinstall.

Are we talking about a pirated copy of Windows here?.

Re:So it was just an error with no consequences

[Zero__Kelvin]

" i don't care about which games he had installed, i'm talking about system critical components that could have rendered his laptop useless"

"I don't have the information I need for a reinstall."

Are we talking about a pirated copy of Windows here?.

Kid. There is an old wise saying: "Tis better to remain silent and be thought a fool, than to open your mouth and remove all doubt"

"Need i remark that this dude claims that his PC was "compromised" by a Windows update that turned out to be legitimate "

That's a strange claim, since even Microsoft isn't claiming it was legitimate.

Re:So it was just an error with no consequences

[hyperar]

" i don't care about which games he had installed, i'm talking about system critical components that could have rendered his laptop useless"

"I don't have the information I need for a reinstall."

Are we talking about a pirated copy of Windows here?.

Kid. There is an old wise saying: "Tis better to remain silent and be thought a fool, than to open your mouth and remove all doubt"

"Need i remark that this dude claims that his PC was "compromised" by a Windows update that turned out to be legitimate "

That's a strange claim, since even Microsoft isn't claiming it was legitimate.

Haha, you keep getting better, you keep posting everything but evidence to backup your claims. Then you call me kid, in a very very very poor attemp to attack me to "win" the argument since you don't have proof to backup your clams and then denied that the Test Update was issued by MS itself. Well, i'm done here, but you can keep making yourself look stupid all you want.

Re:So it was just an error with no consequences

[Zero__Kelvin]

Dear moron. My only claim is that you don't know if the person is making it up or not. My only claim is that you have made a claim you can't prove. Unless you can prove your claim, that proves my claim. Unless you back up your claim that he is making it up, my claim stands on its own merit. I don't have to prove anything. You seem to be so stupid that you think I am claiming that the update did break his computer. That was never my claim, and any moron would understand that. OK. Well not any moron, as you don't seem to understand it.

Re:So it was just an error with no consequences

[Zero__Kelvin]

" then denied that the Test Update was issued by MS itself"

Holy shit you are fucking stupid. I didn't say M$ claimed it wasn't from them. I said M$ admitted it wasn't a legitimate update. It was an erroneous test update. You clearly don't know what the word legitimate means either. Holy fucking fuck. Your stupidity astounds.

Re:So it was just an error with no consequences

[hyperar]

" then denied that the Test Update was issued by MS itself"

Holy shit you are fucking stupid. I didn't say M$ claimed it wasn't from them. I said M$ admitted it wasn't a legitimate update. It was an erroneous test update. You clearly don't know what the word legitimate means either. Holy fucking fuck. Your stupidity astounds.

Oh no, you used the M$, you won the argument, oh shoot, you insulted me, i can't argue with such a strong mind, hahaha, good luck next time dude.

Re:So it was just an error with no consequences

[Zero__Kelvin]

Imagine my surprise that you lost and are still trying to deflect your loss :-) Later loser ...

Re:So it was just an error with no consequences

[hyperar]

Imagine my surprise that you lost and are still trying to deflect your loss :-) Later loser ...

Hahahahahahahahaha. And you call me a kid, hahahahahahahahaha.

Re:So it was just an error with no consequences

[david_thornley]

Missed that, sorry. There's dozens of versions of Windows 7 also.

Re:So it was just an error with no consequences

Numerous people with Alienware, Clevo, Samsung and LG panels have reported that Windows 10 destroys some displays due to either screwing with UEFI/BIOS/VBIOS or trying to drive the display at the wrong refresh rate. I certainly don't put hardware damage past Microsoft's latest malware release.

Re:So it was just an error with no consequences

[Wolfrider]

--My friend's PC was nuked just like they are saying. You gonna call me a liar?

--She was called into work *after having had time off approved for the day* because her primary Win7 PC crashed and System Restore would not fix it. I suspected it was a bad Win update, and the repair tech confirmed it. Her office was taking orders manually all day because of this.

Re:So it was just an error with no consequences

[hyperar]

--My friend's PC was nuked just like they are saying. You gonna call me a liar?

--She was called into work *after having had time off approved for the day* because her primary Win7 PC crashed and System Restore would not fix it. I suspected it was a bad Win update, and the repair tech confirmed it. Her office was taking orders manually all day because of this.

No, i'm calling you random person from the internet which doesn't present evidence other that "the update broke my friend's PC". Later saying "I suspected it was a bad Win update" really doesn't help your case.

Re:So it was just an error with no consequences

[Wolfrider]

--Try reading what I wrote again, you moron. You're making yourself look bad (again.)

Re:So it was just an error with no consequences

[hyperar]

--Try reading what I wrote again, you moron. You're making yourself look bad (again.)

Nooo, am i making myself look bad?, Again?. Well, let's see, I guess that since you're Wolfrider, King of the Internet truth, and your friend got the day off because her PC just died and Help Desk said it was a win update (haha, which one?, did they told you?) i guess that Microsoft lied (and your friend and the other dude got owned in the whole world) and that random internet dude and you are telling the truth. Sophos Naked Security

Because the update seems to have existed only as a test of the notification process, and not as an update package that could actually be installed, it seems to have been a fake update, too.

So, you can stand down from red alert.

It was a harmlessly incorrect genuine botched fake update.

But what?, the update is a dummy file?, it can't be installed you say?, noooooo, Wolfrided was making up stories?, who would have thought it, right?.

Was it me the one making himself look bad? Again?, well, guess again buddy.

Re:So it was just an error with no consequences

[Wolfrider]

--What are you, twelve? Buh-bye, troll. *mic drop*

Re:So it was just an error with no consequences

[hyperar]

--What are you, twelve? Buh-bye, troll. *mic drop*

Haha, you trolls just keep getting better.

Re:It's your own fault for being a LUDDITE!

I'm guessing "rjparker1" is some kid who hasn't a clue about computers, business, privacy or responsibility and who doesn't use the computer his mommy and daddy bought to create, but only to consume.

It's funny how these stupid little shits pop up thinking they know their way around technology because they watch YouTube, post on Facebook and play computer games.

cant beleive people are still patching windows 7

I mean, after all they are trying to fuck up the system with windows 10 inspired shit, do you really need an update? i cant even remember blaster, it was SO LONG AGO. There is a fucking remote posibility you are going to leave something open for enought time and at the same time a blaster event happens. Its not worth it, windows update is just a cause for mental stress, id rather be reformating again than having to fish inside windows update to individually uninstall spy patches, it takes SO long, not worth it

False Alarm

It's Clippy trying to force a Windows 10 update.

can anyone explain this?

[slashmydots]

What do they mean by "trusted?" Like a trusted software publisher? Like Microsoft...like all the updates are marked?

I "Want" to Believe - Fight the Future

The problem with a "mono-culture" is all it takes is one virus to take out everything.

glass houses

[JediJorgie]

It is so uplifting to find so many people who have never made a mistake in their professional careers.
I am sure those around you are giddy as they read your witty posts on Slashdot calling out "those idiots at Microsoft".
I applaud you and the personal perfection that arms you with such stones.

off topic for a purpose

[rewindustry]

please help me rattle EASTLINK? i'm trying to get my own firehose submission upvoted - i think eastlink internet are hiding a serious security issue.

http://slashdot.org/submission...

Sure you will.

If you're not running a firewall capable of blocking Winders Upderts, you're doing it wrong. For reference, you're also doing it wrong if you run Linux, OS X, various BSDs, or whatever without a capable firewall.

You're also doing it wrong if you're using a 'Home' edition.

The 'ablooblooforcedupdates' bit is, frankly, a non-issue. If you're using a 'Home' edition, you're the sort of person who needs updates foisted upon you.

Now, if you want to bitch pointlessly on Slashdot, I'd suggest hitting them below the spyware-from-windows-10-foisted-upon-windows-7 belt.

Re: Sure you will.

I might be the sort of person that needs updates foisted upon me, but I'm not sure that includes escaped test updates that brick my computer. Sure, it might make the Intarwebs a bit less crowded for a while as I and the other plebeians with Windows Home Edition try to coax a nephew into reinstalling our machines, but still, Microsoft should know a whole lot better.

Re: Sure you will.

None of those things would be required if Windows was well made.

Re: Sure you will.

[Man+On+Pink+Corner]

Bullshit. No OS is "well made" enough that it will never need security updates. Not Windows, not MacOS, not Linux, not *BSD.

This is why it's really, really important for OS providers to maintain a trustworthy update service. If they use it for advertising purposes, or sell it out to various government agencies, or allow incompetent personnel to push "test" updates to the entire planet, it's no longer trustworthy. That means their OS itself is no longer trustworthy, if in fact it ever was.

Nobody at Microsoft seems to have the first clue how important Windows Update actually is, and how important it is not to screw with it. Windows Update is Windows, not just in a de-facto sense but as a vital corporate strategy. It's time they started acting like it.

Re: Sure you will.

Any operating system can come fully secure. Windows doesn't because it's a pile of shit.

Re: Sure you will.

Windows Update, as in the software itself, is a complete piece of trash. Takes hours, upon hours, to just "scan for updates" -- and then have the process fail for some cryptic error code which leaves you googling for answers.

I am so very glad I don't run Windows on any of my systems anymore.

Re: Sure you will.

News flash: everything made by Man or God is a pile of shit that will eventually need fixing. The only question is whose problem it is.

There was some room for Microsoft to add value in that respect, but Nadella seems intent on squandering the opportunity.

Re: Sure you will.

Handwave all you want, only Windows is a pile of shit.

Re: Sure you will.

I dislike Windows quite a bit, but I dislike idiots like you even more. Fuck off.

Re: Sure you will.

Go dig a hole and die in it, you worthless little shit.

You can't trust *anything* from Microsoft

They won't show you the code they build from and it's *known* to contain malware.

I'm amazed we are still having this discussion. However some people are just too stupid to move. Excuses excuses. They push the blame off (it's a non-issue because of x, y, z) or otherwise say, "but I can't do X". Well, if you don't move you'll never be able to do X. I moved in 2000 knowing full well that I wouldn't be able to do a few things and/or have to learn to do things differently. Well, in 2015 there isn't a dang thing I want to do that I can't and there hasn't been for 10 years. And then I became part of the solution too enabling other less technical users to adopt the operating systems. If you just 'give up' you'll never be able to move.

Re:You can't trust *anything* from Microsoft

[cfalcon]

Gaming on Linux is punishment. Sorta doable on OS X. Not really the fault of these OSes, but it is still true.

Windows 10 is so scary I'm considering running a PC for gaming and a Linux PC for all other things, including just web browsing. I have dual boot, but it ends up meaning I spend less time in Linux than I should.

It was only...

[Sir_Eptishous]

a weather balloon!

Re:It was only...

a weather balloon!

Smells more like swamp gas to me, from MS.

The truth is not out there.

[PopeRatzo]

Windows 10

Trust no one.

Peer compared updates

Have been working on a solution to problems like this. Anyone know of anything like this?

https://docs.google.com/document/d/19B-KAWcswwQ8ulGSKfgKkrICp_f6Cr4Eo68m_o1T1bE/edit?usp=docslist_api

Re:Peer compared updates

nice try

Of course it was a test

Because if the server got hacked it would be the end of the world.

A singular event that could take down MS.

Not Good

I finally woke up and realised the monoculture thing is killing us. I had too many eggs in Microsoft's basket, in Google's basket, so I divested and made myself more secure.

- I dumped Windows and went permanently to Linux
- I dumped my Outlook.com email address and went to my own paid email
- I dumped my iPhone and went to an Android phone I'm about to root and put on a custom ROM
- I don't use the "cloud" for backups. I backup locally x3, plus bank vault 3x year, plus encrypted SD card x2 on person. If all these go wrong, I'm screwed.

I'm done being a product, I want to be a customer.

Re:Not Good

If you're done being a "product", then you shouldn't have switched to android, my friend. You actually didn't mention any google services that you divested yourself from.

why .GOV links???

A test or not, but why are there .gov hyperlinks in the MS update pages???? is this for real that MS is directing us to U.S. government websites?

Re:why .GOV links???

[hyperar]

A test or not, but why are there .gov hyperlinks in the MS update pages???? is this for real that MS is directing us to U.S. government websites?

Most likely is to make sure that those don't exists, since they are pretty restricted access TLDs, anyone can get a .com, or a .org, pretty much nobody can get a .gov

Re:why .GOV links???

RFC2606. Absolutely nobody can get a .invalid
Is MS now allowing random interns to push crap via WU?

Slowdot

The article had been updated to include Microsoft's statements before it was ever posted here.

you can't trust Windows Update any more.

[swschrad]

whatever crap is lying around, evil, benign, or beneficial, rolls out the same way. there is nothing in the description. MS is using misdirection to trick you into installing Win10. these guys are getting as bad as botmasters. auto-updates are turned off on my home machines, and if I can't determine whether something is important, it doesn't get installed.

I want to upgrade to OS/X

[swschrad]

MonsterSlop, however, is not listing that in the descriptions.

Black Hat holy grail.

[Lumpy]

This right here would be what makes black hats drool. Get a payload in the Windows update server that is signed with keys that pass. you do that and you utterly own 60% of the internet in a span of 8 hours.

If you were smart about it, you would do a quick test that is benign. changing only 2 bytes in a MS patch and then look for it. If that works you get your best rootkit that you can conceive and get it out there. now WAIT for about 25-45 days and have it download and install the nasty that you want to unleash.

Luckily 99% of the black hats are so ADD that they shoot their load as soon as they can and brag all over the internet. It's that 1% that you never hear about and are never caught that are the truly dangerous ones.

Re:Black Hat holy grail.

[jafac]

It's that 1% that you never hear about and are never caught that are the truly dangerous ones.

. . . you mean, the NSA. . .

testtesttest enter your credit card here testtest

[swschrad]

they're still fscking weasels, whether it's Microsoft or malicious. uh, wait, it's too hard to tell them apart, now.

Terrible summary

[wonkey_monkey]

At the very least, you could have briefly explained what was suspicious about it.

Yes, Microsoft Windows Update is compromised

[idontgno]

By Microsoft.

Anyone who blindly installs updates deserves all the crap they get.

Nothing to worry about

[mwvdlee]

It's just some untested code forcibly installed on your computer due to a flaw in the release process.

Re:Nothing to worry about

At least it was not systemd for windows, phew!

Re:cant beleive people are still patching windows

[mrbester]

Blaster? I still giggle about Code Red and Nimda.

comment subjects are stupid

[jafac]

UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

But what if someone compromised the Slashdot Update?

They are just trying to obsolete Win 7 PC's

They messed up this update and everyones computers were crashing too much. The goal was to make your old computer slower and more prone to crashes over time, so you would finally give in and update to Win 10.

Huh

[koan]

All I can say is "Win10 auto update"

Ruse.

If you haven't already disabled Automatic Updates a month ago pop yourself in the head like wow you could have had a V8.

http://apple.slashdot.org/comments.pl?sid=8091739&cid=50624053
http://apple.slashdot.org/comments.pl?sid=8091739&cid=50625183
http://apple.slashdot.org/comments.pl?sid=8091739&cid=50625189

THESE
https://gitlab.com/windowslies/blockwindows
^(have to uncomment the #'s on two url's in the hosts file per latest change)
https://senk9.wordpress.com/checklists/windows-10-privacy-checklist/

IMO (in my opinion) the senk9 link... take the uninstall advice there. Then reboot. Then use the hosts file from the gitlab link here
https://github.com/WindowsLies/BlockWindows/blob/master/hosts

Click on raw, then save it or copy it into notepad. I noticed the last update of that guy's hosts file had two update url's commented out with "#". If letting those update url's pass... it seems to defeat the purpose. Put them in the right place for a hosts file in Windows. Either append them to what exists, or rename the default to something like hosts_default and just use the one from above.

Locations for hosts file here: https://encrypted.google.com/#q=hosts+file+location+windows
Removing those "#"'s so they are active (currently two of them and they stand out like sore thumbs), and also disabling automatic updates of course, should hypothetically stop their spyware from installing... no guarantees. They did it on purpose. You can also just rename the hosts file to something like hosts_disable any time and check for updates if you want to. Then rename it back after you check... but there's the chance they send you some updated addresses.

Win10?

I thought they were trying to push out Win10 again.

Microsoft update causes Brain Damage!

[aNonnyMouseCowered]

Nerves rattled? Scanning the title I thought a Microsoft update literally caused Brain Damage that caused users' pointer fingers to shake uncontrollably on top of their mouse.

Re:Microsoft update causes Brain Damage!

The brain damage is the cause, not the effect.

'I find your Lack of faith Disturbing...'

whoosh.. ha.. whoosh.. ah

Microsoft is widely misunderstood.

A lot of people think that Microsoft is a software company. It isn't. Microsoft's core business is evil. Microsoft merely uses software as a way of delivering evil.

My opinion, shared by many.

Agreed on "goiter man" Peter Bright

Peter Bright's a total moron. Ever see his photo? Note he covers his chin? He looks like a goiter case!

So the accidently pushed test code...

[DarkOx]

So Microsoft potentially pushed test code to everyone's production systems. That makes me feel so much better.

These are not the droids you're looking for...

No, really...

Coren22 CRUSHED & dominated (by facts)

Aryeh Goretsky NOD32/ESET agrees hosts = good security -> http://it.slashdot.org/comment...

Oliver Day (Symantec) does too -> http://www.securityfocus.com/c...

MalwareBytes' hpHosts BOTH hosts & recommends my APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://hosts-file.net/?s=Downl...

---

* HOW MANY REAL SECURITY PROS (not menial wannabe rookie like you) DO I NEED TO KNOCK THE CHOCOLATE OUT OF YOU SOME MORE?

---

Those security pros?

They INCLUDE ME too you noobie rookie obvious dimwit as I work with those guys from malwarebytes' hpHosts on a fairly regular basis!

I've worked professionally for decades as a combined domain-wide network admin & software engineer professionally since 1994 (with ME showing you HOW to migrate a hosts file across an enterprise -> http://slashdot.org/comments.p... )

(I've also been securing computers + WRITING GUIDES (which you told me you learned from guides) + WARES TO DO IT 1,000's to MILLIONS USED, probably LONGER THAN YOU HAVE BEEN ALIVE possibly BEING PAID FOR IT -> http://pcpitstop.com/news/winn... )

---

You're all TALK & can't back it -> http://slashdot.org/comments.p...

APK

P.S.=> YOU say "hosts=bad" (yet they add security, speed, & reliability) & bitch about using admin privelege (first) to UPDATE them vs. threats online:

"So, have you figured out why privilege escalation is a bad thing yet?" - by Coren22 on Tuesday September 22, 2015 @05:15PM (#50577809)

Hypocrite - You admit using admin priv yourself & how else could I programmatically update hosts minus it inside Windows?

---

"Of course it requires elevation to write to the hosts file" - by Coren22 (1625475) on Wednesday September 23, 2015 @05:35PM (#50585879)

Since you're MENIAL ASS limited in skills self doesn't code (& didn't even KNOW that) & CLUE/FACT:

Even MalwareBytes AntiMalware (best there is) DEMANDS you use admin privelege (you saying it's "bad" too?) it can't do its job fully otherwise, like many security tools... apk

Re:Coren22 CRUSHED & dominated (by facts)

[Coren22]

Mooo says the cow, MOOO

actually

[gzuckier]

a 14 year old Muslim kid put it together from spare parts. he took it to school and told everybody he built a Windows 7 update.

This is just

A CIA injection test.

Nothing to see here.