Slashdot Mirror
Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide
An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."
Microsoft said a highly suspicious Windows update that was delivered to customers around the world was the result of a test that wasn't correctly implemented.
They were just checking to see if you really wanted to upgrade to Windows 10
The summary makes it sound like this is all a mystery and insinuates that Microsoft's update servers may have been compromised, however, the linked articles state that it was simple a mistakenly pushed test patch and nothing nefarious at all.
I told you so.
Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?
All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories.
If this continues, I wouldn't do real work on [windows] ever again.
So this time didn't do it for you? There has to be another time? Given Win7+'s mod to auto install fixes deemed by MS to be critical, I think that time was at least years ago. Even IBM jumped ship.
The cesspool just got a check and balance.
Does anyone seriously believe that if their servers have been compromised that they would be honest and admit it? With the Windows 10 debacle on everyone's mind it is highly likely that someone compromised their servers to prove a point that their claim that everyone's data is safe in their hands is bullshit. It really doesn't matter, because even if their claim is 100% honest it amounts to this: Microsoft cannot be trusted. Period.
What is that you say? Never ascribe to malice that which can be explained by incompetence? Oh, I totally agree, with the exception that I would say "as a rule" rather than never. The problem is it doesn't matter if you can't trust them because they are malicious, or you can't trust them because they have proved their incompetence. Either way, they have now proved beyond a shadow of a doubt that they must not be trusted, because they are definitely and provably not trustworthy. We can all speculate as to why nobody should trust them, but no reasonable person would assert, as of today, that they should be trusted.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Bullshit. No OS is "well made" enough that it will never need security updates. Not Windows, not MacOS, not Linux, not *BSD.
This is why it's really, really important for OS providers to maintain a trustworthy update service. If they use it for advertising purposes, or sell it out to various government agencies, or allow incompetent personnel to push "test" updates to the entire planet, it's no longer trustworthy. That means their OS itself is no longer trustworthy, if in fact it ever was.
Nobody at Microsoft seems to have the first clue how important Windows Update actually is, and how important it is not to screw with it. Windows Update is Windows, not just in a de-facto sense but as a vital corporate strategy. It's time they started acting like it.