Microsoft Announces 'Cumulative' Updates Will Become Mandatory For Windows 7 and 8.1

Microsoft's now changing the way updates are delivered for Windows 7 and 8.1. Slashdot reader JustAnotherOldGuy writes: Microsoft's Senior Product Marketing Manager Nathan Mercer just announced that, "From October 2016 onwards, Windows will release a single Monthly Rollup that addresses both security issues and reliability issues in a single update... Each month's rollup will supersede the previous month's rollup, so there will always be only one update required for your Windows PCs to get current."

What this means is that individual patches will no longer be available after October 2016, and Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept everything single thing Microsoft sends you whether you want it or not.
Microsoft says their new approach "increases Windows operating system reliability, by eliminating update fragmentation and providing more proactive patches for known issues." They added that "Several update types aren't included in a rollup, such as those for Servicing Stack and Adobe Flash," and that "the .NET Framework will also follow the Monthly Rollup model." According to Microsoft's blog post, they'll also be releasing a monthly "security-only" update, but again, "individual patches will no longer be available".

stop updating completely

[turkeydance]

easy. thanks.

Re:stop updating completely

[fustakrakich]

That option will soon be disabled also. Most people won't care enough to switch to anything else. The dependency is too powerful.

Make an image of your system beforehand, so you can make a clean install from that if you need to.

Re:stop updating completely

They can't disable it if you have updates disabled in the first place. I haven't updated Win7 in about four years, and none of this effects me.

Re:stop updating completely

[Thanatiel]

Exaclty.
I wonder if someone has all the IPs used for updates, so it can be block without a fault at the firewall (not the "firewall" in windows)

Re:stop updating completely

[fustakrakich]

They can't disable it if you have updates disabled in the first place.

Make sure to check that occasionally. I use their "security essentials" because all the anti virus programs are equally worthless, and it can change your update options when you're not looking.

Re:stop updating completely

[ProzacPatient]

That option will soon be disabled also.

I'm guessing you'll need the Enterprise edition to have that option. I wonder what else they'll disable in Windows 7/8.1 Pro.

Re:stop updating completely

All of those idiots have already been moved to Windows 10, whether they liked it or not.

Re:stop updating completely

You could always add the following registry key:

SOFTWARE\Wine\Wine\Config

Microsoft checks for WINE iirc so they don't push updates to it.

Re:stop updating completely

[Man+On+Pink+Corner]

Agreed. I've left Windows Update completely off since the first appearance of GWX. So how exactly did I get an unsolicited 447-megabyte installation of Silverlight 5.1.50428.0 on August 6? I still run Security Essentials scans every so often, and I allow to update its malware definitions each time. I'm guessing that's where the Silverlight installation came from. Must be one of those "malware definitions."

Clearly a monthly rollup is the right thing to do, considering how long it takes to bring a new Windows installation up to speed. But given their track record, I'd be crazy to allow Microsoft to make changes to my system that can't be rolled back. It would be different if I could trust them to act in my interests in addition to their own. Instead, the continuous stream of lies and incompetence we've seen from the Windows Update team over the past couple of years, including a number of "bugs" and "mistakes" whose effects suspiciously seem to accrue exclusively to Microsoft's benefit, have made it inadvisable to do so.

It's not the policy that annoys me, it's the bullshit.

Re:stop updating completely

"Affects", not "effects".

Re:stop updating completely

that's only step one...

step 1. turn off updates

step 2. disable the annoying action center notification that you did step 1...

step 3. download and install updates on at least a semi-regular basis using http://download.wsusoffline.ne...

step 4. tell microsoft to 'fuck off'

i am DONE with fucking around with *brand new installs* and fresh factory restores of windows that have broken windows updates. it doesn't matter if you skip everything and just do service pack first, or do the new windows 7 cumulative update that was just released.. or let windows update do everything on its own in the background.. IT DOESN'T FUCKING WORK. the update fixit doesn't "fixit", the tweaking.com repair tool used to work sometimes... but not often enough... so that's it. FUCK MICROSOFT.

if they can't deliver the updates reliably, and ONLY the ones i want, then FUCK THEM. i will use my own method of obtaining the important updates, and one with a much longer track record of *success* than microsoft's own delivery methods. and it's portable, too. download all the (actually important) updates for every supported windows and office in one shot, stick them on an external and no more hassles with cryptic windows update errors and absolutely useless support articles, forum posts and other totally off-base, wrong, doesn't work worth shit 'solutions'...

the really sad part is, the third-party wsus offline updater USES WINDOWS UPDATE AGENT CLIENT SIDE to determine whether an update applies and if its already installed.. and it WORKS, unlike the actual windows update function in windows.

the last windows 7 sp1 install i did that actually worked for windows update.. ran the update check for FOUR AND A HALF FUCKING DAYS, and it wasn't exactly one of netbook performance levels either.

and ya know, windows 10's "cumulative" take-ever-update system doesn't work for shit, either... better but still shitty and broken half the time... but with no control and less data presented to the user so they have no fucking idea what the hell is going on.

Re:stop updating completely

[tepples]

I wonder if someone has all the IPs used for updates, so it can be block without a fault at the firewall (not the "firewall" in windows)

Do USB cellular dongles for PCs have a built-in firewall (not the "firewall" in windows)?

Re:stop updating completely

[FatdogHaiku]

I too have had new machines or fresh W7 installs that don't update. The best luck I've had is installing KB3102810
for 32bit:
https://www.microsoft.com/en-u...
for 64bit:
https://www.microsoft.com/en-u...

Stop the Windows Update service before you run one of these as it can just stall out if you don't.

I guess the thing to do now is move all user doc folders to a NAS and restore the user machines from images on a regular basis. I too would like a list of MS IP addresses, mainly because telemetry...

This would be a great time for the Android x86 guys to shine.
What a bunch of asshats up there in Redmond!

Re:stop updating completely

No.

Re:stop updating completely

[Rockoon]

The trick is to disable windows update and then reboot

Now that its disabled, install the most recent update to windows update that wont complain (not the july version I think) and then finally install the latest version of windows update.

Now that updates are working again, keep them disabled, because fuck this shit.

Re:stop updating completely

[Darinbob]

Given that Microsoft gives more headaches than malware, it may be the safest bet too.

Re:stop updating completely

[Darinbob]

Monthly roll up is a good idea for a trusted and responsible company. It's a bad idea for Microsoft though.

Re:stop updating completely

[JustAnotherOldGuy]

I'm guessing that's where the Silverlight installation came from. Must be one of those "malware definitions."

Makes perfect sense, as Silverlight qualifies as "malware" in my book. I don't have it, never use it, and yet somehow everything seems to work just fine without it.

No need to install half a gigabyte of Microsoft's bullshit code that has no value or utility for me.

Re:stop updating completely

[c-A-d]

The only thing I've seen close to this these days is on-silicon ACLs present in high end 10Gb ethernet cards.

Re:stop updating completely

[Thanatiel]

I was thinking of a "real" firewall at the exit point, and on a private user point of view : the modem.

Re:stop updating completely

Yep.

What this means is that individual patches will no longer be available after October 2016, and Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept everything single thing Microsoft sends you whether you want it or not.

This is yet more FUD being pumped out by M$. My unpatched Windows 8.1 Pro system is perfectly secure and stable. How do I do it?

1) Don't download random executables/scripts/macros/etc from random sites.
2) Two firewalls, one external, one internal (non-M$).
3) Up to date active anti-virus and anti-malware inoculations.
4) VM sandbox to test unknown programs in.

Accepting updates post-August 2015 from M$ is a surefire way to get your system infected by malware.

Re:stop updating completely

You are ill informed if that's what you think. Microsoft's AV consistently ranks as one of the worst in all comparisons.

Re:stop updating completely

[fustakrakich]

Anecdotal experience overrules any statistical ranking. And all within five percent of each other, go for the in house one.

Re:stop updating completely

[a_mari_usque_ad_mare]

This is the last straw for me, and I fundamentally don't trust Microsoft anymore.

I wasn't crazy about Windows 10 when it first came out. Its the first Windows with monetization and spyware baked in. I also find it much buggier then previous versions, as if they have cut their testing.

The big change is they now seem to view 7 and 8 users as freeloaders and are willing to damage their experience to get them to 10. I think in Microsoft's view if you have a Windows install that isn't using their app store and seeing their ads in the start menu, you don't matter. This change is part of a broader pattern of screwing their users that started with the hard sell on Windows 10 updates.

They have altered the deal, and anyone who runs Windows now needs to pray that they don't alter it any further.

Re:stop updating completely

https://decentsecurity.com/windows-7-fast-update/ is a pretty great instruction guide on getting a pristine Windows 7 machine the minimal updates required for it to actually finish installing updates on its own.

Re:stop updating completely

Anecdotal experience overrules any statistical ranking.

That statistical ranking is based on many people's anecdotal experience.

And all within five percent of each other, go for the in house one.

That is a huge margin when it comes to AV. You must not care about your data very much. Also the fact that, by your own admission, Microsoft AV actively changes your settings around should be enough reason to not want it.

Re:stop updating completely

I wonder if these updates will include the "upgrade to Windows 10" feature with each release.

Re: stop updating completely

Can someone verify that this works?

Re:stop updating completely

[kheldan]

That option will soon be disabled also.

Maybe for the technological neophyte. The rest of us can shut down and disable a Service, or failing that, hack the registry to remove the Service entirely, or failing that, remove the relevant file(s) from the filesystem completely. There's always a way.

Re:stop updating completely

[joboss]

This is what will happen in a nutshell. They will include all their telemetry updates. Perhaps the security only one will be acceptable as a bare minimum but here's the problem... There will be updates in the normal release that you want as well. Things such as basic updates for compatibility and crash bugs.

Re:stop updating completely

They have altered the deal, and anyone who runs Windows now needs to pray that they don't alter it any further.

That's exactly what I came here to see. I knew *someone* would say it :D

Can't have customers removing spy^H^Hecurity patch

I guess they really didn't like people removing telemetry KB updates.

Next update

Next update upgrades to Microsoft (C) (R) (TM) Windows (C) (R) (TM) 10 (C) (R) (TM) Home (C) (R) (TM) Edition (C) (R) (TM). Anonymous user discloses zero-day vulnerability affecting all Windows 7/8 systems that gives the attacker root if you plug the computer in or take it out of a Faraday cage.

Microsoft is pretty much just openly taunting

its users at this point. "What're you gonna do? Play Battlefield 1 on Linux?"

Re:Microsoft is pretty much just openly taunting

[zwarte+piet]

ksudoku is also fun

Re:Microsoft is pretty much just openly taunting

[Z00L00K]

Sokoban please.

Re: Microsoft is pretty much just openly taunting

>origin

Those people are already running Windows 10.

Sounds like a great idea!

So the two choices are:

> Get every update and let us collect data on everything you do, Citizen.

or

> Stop updating completely.

Well, I think I will be pretty safe with Firefox + Adblock.

Re: Sounds like a great idea!

I'll be even safer on a Mac

Re: Sounds like a great idea!

[bmo]

I'm a Linux user and abuser since the 90s and I've watched all these shenanigans happen over the decades.

My smug cloud is even thicker than an Amiga user's from the 80s.

--
BMO

Re: Sounds like a great idea!

I always enjoyed my TI 99 4A with the extended basic cartridge :)

Re: Sounds like a great idea!

[AJWM]

Yeah? So how do you feel about systemd? ;-)

Re:Sounds like a great idea!

[Anonymous+Brave+Guy]

Actually, there does appear to be a somewhat reasonable third choice: Microsoft will apparently also be offering a security-only bundle each month, though it looks like you'll have to install it manually if you're not using WSUS as it won't be fetched via Windows Update. You still won't be able to cherry-pick individual updates, but at least it won't come with all the other stuff you probably don't want -- unless they decide to call some of that "security".

(There's a specific question about this, and a response from the Microsoft guy confirming that a monthly security bundle will be available for all of the different Windows 7 variants, in the questions below the blog post itself.)

Re: Sounds like a great idea!

Yeah? So how do you feel about systemd? ;-)

As a Debian user, there's still a choice to install another init system, so I'm mostly fine with it. Old sysv? Possible. runit? Possible. Plus some others in the repos I'm not thinking of, and Upstart's even still in stable, though it's not in testing/unstable anymore. Even if you want to use something with systemd dependency (desktop crap) you can install systemd-shim and the desktop-oriented bits work without requiring the init/logger/etc. parts.

Do I love systemd? Nah. But for all the bad shit you can say about systemd's adoption, I still have more choice than Microsoft is giving Windows users lately.

Re: Sounds like a great idea!

10 CALL SAY ("your mom is a bitch")
run
"Your...Mom...Is...A...UHOH!"

Re: Sounds like a great idea!

[bigfinger76]

I think you dropped your mic.

Re:Sounds like a great idea!

[gweihir]

I have seen that too. Cannot be installed via Windows Update, but can be downloaded. Apparently they still have some misgivings and will not start to rape Win7/8 users regularly as they do Win10 users.

Re: Sounds like a great idea!

(GP AC here)

Thanks for that comment, it actually made my previous comment better by imagining a mic-drop at the end.

I do think it sucks that some distros are making it harder to choose, Windows-style, but that's why I use Debian in the first place. It's more reluctant to make sweeping changes, and tends to be good about giving you a choice. (There's still commitment to keeping sysvinit working even with systemd as default, for example.)

I'll take that over dead-simple but "we know better than you, stfu" any day.

And this led me off Windows Desktop...

[kbonin]

Microsoft has decided they own your computer, so (&*#^%$ em...
Been using Windows desktop since 3.1, mostly for work and gaming, helped move the games industry off DOS4GW to Windows a long time ago. And this sort of crap has moved me from Win 10 to dual boot Win10/Linux Mint, soon to remove the Win10 partition. I've moved almost my work onto Mint, only use Win10 when I have to run a Windows app, and the few left there I'll be exploring Wine or relocating into a Win10 VM. Steam provided great Linux versions of enough of my games I no longer need Windows, and my job is moving from C++ on Windows + Linux to JS on Azure & AWS, so no longer need Windows desktop for anything bur work corporate apps and have throwaway laptop for that. Good riddance.
Will be helping all interested friends make the same transition.

Re:And this led me off Windows Desktop...

The only hurt their is that they get less ad revenue from that (presumably) infrequently used throw-away laptop.

Re:And this led me off Windows Desktop...

[Rob+Bos]

Quite a few people do care, even if you don't.

Re:And this led me off Windows Desktop...

Why else would I use Windows?

Re:And this led me off Windows Desktop...

Like posting on Slashdot...

Re:And this led me off Windows Desktop...

I'm in the same boat here, pretty much. (Actually we both spent some time at SSI back in the day, if you're the same kbonin.)

I've thought more than once about going over to Valve and asking if there's anything I can do to help with their Linux strategy. I don't know much about Linux, but over the past couple of years I've learned a lot about Microsoft.

Re:And this led me off Windows Desktop...

Wiped 10 and installed Mint on a new laptop I ordered a few months ago that was *supposed* to come with 8.1. Never regretted it for a minute.

And I just did a quick inventory and there is only one game preventing me from going 100% linux. Worst case I can keep a dedicated partition running non-updating 7 for that game alone.

Re:And this led me off Windows Desktop...

[gweihir]

Indeed. Games are the only reason to have a native Windows installation. The only other thing, MS Office, runs nicely in a VM or apparently even with CrossOver. I have been seriously thinking about making my Windows machine gaming-only, no email, minimal browsing and getting a second machine with Linux for browsing, email and work.

Re:And this led me off Windows Desktop...

[kbonin]

heh, probably the same, I don't know of any other kbonin's at SSI, I was there from late gold box to shortly before the big sell out. I spent most of the next decade in games (EA, Bethesda, some startups) before moving to enterprise security, came to learn FAR more than I wished about the messes at Microsoft. From having to reverse engineer Word to figure out just how it could scroll the screen faster than the public APIs do (pre GDI, Word was using a hack of outputting to a printer driver with certain flag settings to get to screen,) to pretty much every subsequent generation, right through Azure today. Microsoft is an amazingly predatory corporation. The previous generation of "nobody ever got fired for choosing IBM" has just moved to "Microsoft". Intelligent at capturing as much revenue as possible, but quite predatory. Between their loss of mobile and the crashing importance of the desktop, I'm looking forward to them collapsing. Until then I have to keep supporting Azure, but even the most obtuse PHB will eventually get upset at the huge and increasing percentage of revenue Microsoft siphons off your product on Azure vs. AWS.

Re: And this led me off Windows Desktop...

This.
I trained my family to not touch the windows machine. Only used by me, for games. I run a second machine with only Linux. They get their stuff done on Linux just fine.
I don't even remote desktop or vlc to other systems from that windows machine.
Also, windows update service disabled.

(Seriously, zero trust left in MS.
Was glad to see Balmer leave. Didn't think worse was possible. Mumble mumble mumble...)

Re: And this led me off Windows Desktop...

Oh hi Steve, glad you could make it. Throw me a chair so I can siddown, would ya?

Re:And this led me off Windows Desktop...

No, you (and everybody else who believes this myth) are fucking morons.

YOU own the software. Unless you signed an agreement when you bought your computer, you bought everything in that box, hardware AND software.

"Shrink wrap" "licenses" aren't worth the pixels they're printed on.

You may not own the right to copy the software, but you absolutely own the software if it came with your computer or you bought it in a box in a store.

Re:And this led me off Windows Desktop...

[darrenadelaide]

Microsoft has decided they own your computer, so (&*#^%$ em...
Been using Windows desktop since 3.1, mostly for work and gaming, helped move the games industry off DOS4GW to Windows a long time ago. And this sort of crap has moved me from Win 10 to dual boot Win10/Linux Mint, soon to remove the Win10 partition. I've moved almost my work onto Mint, only use Win10 when I have to run a Windows app, and the few left there I'll be exploring Wine or relocating into a Win10 VM. Steam provided great Linux versions of enough of my games I no longer need Windows, and my job is moving from C++ on Windows + Linux to JS on Azure & AWS, so no longer need Windows desktop for anything bur work corporate apps and have throwaway laptop for that. Good riddance.
Will be helping all interested friends make the same transition.

Same here

With all the violations to my privacy I had enough about 12 months back, there is a much better way to work than to just take the crap thap Microsoft slings at people, combined with NSA spying and violating our security (im now semi retired due to severe health issues so have time to volenteer when I have pain levels under control) especially with voluntary pre-patent work to assist with genetic research (which the NSA is known to assist their "commercial interests" against ours who develop it), this spying made it mandatory for all researchers to protect our IP and boycott Microsoft (and others) completely. The leaders in the "five eyes" countries should be called to account for their "cooperation" which benefits the wealthiest fraction only to control all assets and the rest as slaves.

Once you move over to Linux (Im on Mint 17.3) you never want to move back.Its fast, its reliable and so flexable, you just need to make the paradigm shift and do it. Yes it was a reasonable amount of work to move our data and applications over, but once done you notice a significant acceleration in productivity.

Make the move

Re:And this led me off Windows Desktop...

[joboss]

I always loved windows despite all the haters and now I'm buggered as far as personal or work usage goes. What MS has started to do after Windows 7 is too much. I don't want metro (my PC is a desktop, not a phone, improve tiling, virtual desktops, windowing in general fine but metro makes zero sense on a desktop), teletry or web integration. Nor do I want MS doing things like uninstalling software without my consent and turning my machine into a fully managed one like phones with their walled gardens rather than a personal one where I have not things such as root access, choices, etc. My primary OS is no longer a viable option and this is a problem. In fact, it's devestating for me after over a decade using windows desktop and actually having brought licenses. They are turning it into a whole new product rather than simply releasing a new product like any sane company would.

What this means is that individual patches will no longer be available after October 2016, and Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept everything single thing Microsoft sends you whether you want it or not. There is software for windows that you just can't get for Linux and the hardware support for windows has always been great (not to mention the desktop is always fairly consistent and snappy where as Linux suffers from changing things every other day). Anything from opensource can easily be ported and crosscompiled but not the other way around. As a developer, I definitely think that at some point in the future probably a couple of years down the line I will be using and contributing to wine.

Re: And this led me off Windows Desktop...

[lucien86]

Yes but most of this only happened after Balmer left.. Assholes that totally don't respect the user-base and want to turn PC's into phones.

Do they think that everyone is stupid?

That seems to be what they are saying - that none of their users are smart enough to pick and choose which updates they want, and that they are the only ones capable of deciding which updates should be installed. Just wait until they screw up an update and cripple a large portion of their user base - or subject their user base to significant new security vulnerabilities in the process of trying to fix an existing vulnerability. I find it really hard to believe that their testing process is comprehensive enough to cover all hardware and software configurations, and I think that they lose a lot when they disallow users to selectively install (or roll-back) updatess.

Re:Do they think that everyone is stupid?

[DogDude]

Do they think that everyone is stupid?

I don't know if you've seen any national news int he past 6 months or so...

Re:Do they think that everyone is stupid?

[Sarten-X]

they are saying - that none of their users are smart enough to pick and choose which updates they want

It's not an issue of being smart enough... The problem is that most users who say "I will pick my own updates" never actually do so. They end up picking a handful of patches to deploy, before they lose interest and stop patching altogether.

Just wait until they screw up an update and cripple a large portion of their user base - or subject their user base to significant new security vulnerabilities in the process of trying to fix an existing vulnerability.

That happens already, and it's not nearly as big a deal as it seems. The first reports come in, and the update is halted and fixed.

I find it really hard to believe that their testing process is comprehensive enough to cover all hardware and software configurations

Believe what you will, but testing doesn't actually need to cover all configurations. Compatibility needs to be tested thoroughly according to documented interfaces, and as long as those documented interfaces don't change, it's not Microsoft's fault if something breaks. If your webcam driver relies on some undocumented quirk, and that changes, then the onus is on the webcam vendor to release a driver that follows better practices.

This is 2016, not 1970. Your user applications don't need to have direct access to the hardware, not even "for better performance", just like your software doesn't actually need administrator privileges, not even "to access shared data". APIs are complete enough that you can do what you need following the defined and documented interfaces, without concern for the implementation behind them. If software vendors* would aim for "sustainable" more than "clever", 90% of Microsoft's problematic patches wouldn't have been problems.

The other 10% are times when Microsoft changes functionality, like a recent patch where the details of Group Policy filtering changed. Those details are reported in the bulletins released with each patch... and of course your sysadmins are reading those, right?

I think that they lose a lot when they disallow users to selectively install (or roll-back) updates

I think we've lost more in the relentless pursuit of backwards-compatibility with obsolete (and arguably broken-by-design) equipment.

* Perhaps not surprisingly, the worst offender I can name for using undocumented APIs has been Microsoft for most of the last two decades. Recently, they've improved somewhat with the push to make their APIs accessible to PowerShell (and therefore documented and public), but that's a rant in itself.

Re:Do they think that everyone is stupid?

[Rockoon]

If your webcam driver relies on some undocumented quirk, and that changes, then the onus is on the webcam vendor to release a driver that follows better practices.

What if my webcam driver requires that the video be mpeg compressed?

I am literally amazed that you brought up webcams given that Microsoft literally just broke a million of them for windows 10 users several days ago

Re:Do they think that everyone is stupid?

[unrtst]

I suspect that you'll find it was the webcam driver that was at fault for not following the documented interfaces, and that mpeg compressed video was not explicitly allowed in that context.
</sarcasm><!-- I wish this tag was unnecessary -->

Re: Do they think that everyone is stupid?

Yeah. Next time they will break a million sata controllers instead of webcams... with no reverting possible.

Re:Do they think that everyone is stupid?

tl;dr: Microsoft knows better than users and hardware manufacturers

If something on my computer works today, I expect it to work exactly the same way tomorrow (barring hardware failures). Period. Just like I expect all my settings to stay the same and all my programs to still be there. I refuse to give up that expectation (along with my bandwidth and privacy) in the all-consuming pursuit of "security" (read: advertising revenue) and so MS (annual revenue: $93 billion) can save a million or two on payroll by firing some devs. The fact that the guy who wrote the driver for my webcam may have used some creative programming is zero excuse.

If a guy from Ford showed up one morning and tried to pry the rims off your wheels because they weren't Ford-approved, you'd call the fucking cops.

Re:Do they think that everyone is stupid?

The point, as has been noted above, is to make sure that you cannot refuse the telemetry patches; and I'd go further and say the Microsoft torrent patches, where Microsoft uses your machine and bandwidth to distribute its' software. After all, your machine and bandwidth belongs to Microsoft (their view), so why wouldn't they make use of it.

Re:Do they think that everyone is stupid?

[epyT-R]

1. The problem is forced updates that impose user-hostile changes to TOS. MS has broken whatever limited trust they had from users. A decade ago, they would've labeled such user-hostile software as malware. Just because they document their changes doesn't mean they're magically ok either.
2. The problem is that microsoft isn't a fan of 'sustainable' either, so sticking to documented interfaces doesn't guarantee a thing. Many times, the 'undocumented' approach is the only solution that works at all.
3. Backwards compatibility is what keeps windows relevant. Maybe you're used to working for a fortune 100 that can bankroll brand new equipment every five years, but the average sysadmin or individual does not have the funds for that. Throwing out perfectly good hardware (or software) because of a shitty software update is unacceptable. So is slowly removing sane ways to manage/roll back these problematic updates.

Re:Do they think that everyone is stupid?

Yes, let's send YUV 1080P video on a USB2 interface. You realize USB2 doesn't have enough bandwidth for that and this is why mpeg compresion is REQUIRED.

Re:Do they think that everyone is stupid?

[Sarten-X]

If Ford promised to replace your tires when they wear out, don't complain if the standard tires don't fit your aftermarket wheels.

Re:Do they think that everyone is stupid?

[Sarten-X]

Then you raise a complaint through the official channels, and Microsoft fixes it... Which is exactly what's happening right now.

Re:Do they think that everyone is stupid?

Re: your sig.

"We believe that Internet Explorer is a really good browser" - Steve Jobs, 1997

MacIE was actually a pretty good browser. It had a different rendering engine than what WinIE had. Notably, it had a correct box model.

Also, WinIE was a pretty good browser too, for the time. (I'm thinking of IE4 and IE5.5 here.) The problem was that IE6 became dominant and webmasters who did not deserve their title no longer bothered to test in other browsers...

(I never had more than a Geocities web site but I still had Opera, MSIE and Netscape all installed and tested accordingly.)

Re:Do they think that everyone is stupid?

[Rockoon]

Then you raise a complaint through the official channels, and Microsoft fixes it... Which is exactly what's happening right now.

Does this mean that the webcam works, or doesnt work?

Its the later, right? Currently millions of webcams do not work anymore, yet they did less than 7 days ago.

Will raising a complain on official support channels retroactively give people this week/month/year of use of their hardware back?

Look, I have been accused of being a microsoft shill here because I have a rational bent on things. You however, don't have such a rational bent.

Forced updates, rollups, and so on, is exactly whats being discussed... these things have literally turned hundreds of millions of dollars of existing hardware into bricks. Go fuck yourself for defending it.

Re:Do they think that everyone is stupid?

Then you raise a complaint through the official channels, and Microsoft fixes it... Which is exactly what's happening right now.

MS fixes it if it fucking well suits that. FUCK YOU for being a Microsoft shill.

Re: Do they think that everyone is stupid?

Yeah man, about half of all people have below average intelligence!

Re:Do they think that everyone is stupid?

Then you raise a complaint through the official channels, and Microsoft fixes it... Which is exactly what's happening right now.

And send them a check for the QA services?

Re:Do they think that everyone is stupid?

Yes, let's send YUV 1080P video on a USB2 interface.

You realize USB2 doesn't have enough bandwidth for that and this is why mpeg compresion is REQUIRED.

Re: Do they think that everyone is stupid?

[lucien86]

If you apply IQ derating then about 90% of all people are below 'average' intelligence. (Derating reduces the peak value produced by IQ tests by 10 to 20 points putting the average man as having a general IQ of 80 - moron level.)

Re:Do they think that everyone is stupid?

[lucien86]

".. If software vendors* would aim for "sustainable" more than "clever", 90% of Microsoft's problematic patches wouldn't have been problems. .."

Shakes head. The reason that so many Microsoft patches have problems ultimately resolves to the fact that most of their competent programmers have reached retirement and most of what they have left are half arsed incompetents, most of them working on Win10. Why aren't they hiring better programmers? - incompetent ones are cheaper and much easier to find. Would you want to work at Microsoft, Google, Facebook, or Apple? Microsoft stopped caring about the product and as a company are now simply waiting to die. Once the customer becomes the product everything tends (strongly) to turn to shit.

Re: Do they think that everyone is stupid?

*squint* ...not sure if insightful or trolling

Re:Do they think that everyone is stupid?

Then you raise a complaint through the official channels, and Microsoft fixes it... Which is exactly what's happening right now.

Uh-huh. Then what do you do for your fucked-over users in the meantime? By that I mean: Today, preferably yesterday.
This ready-fire-aim bullshit is precisely what does not endear Microsoft to the masses of users who then blame their IT departments for Microsoft's failures in planning.

Shitstorm Rolling In

Looks like we can expect typhoon Shitstorm October 12, 2016

Grab your pop-corn, this is going to be epic!

no surprise here...

...just what anyone paying attention could expect from this company. forced updates, telemetry, poor quality updates, all now packaged in big bundles so you can't separate the crap from the possibly useful. They need to be sure you get what ever they want jammed down your throat. So what if one part of the update breaks your system or contains crap you don't want, now you get it no matter what.
.
I quit doing updates ages ago, they just can't be trusted from that source. Which is really worse, untrustworthy updates or no updates at all? I settle for other means of protecting my MS system and when those don't work any more I guess I'll be a full time BSD & PCLOS user... you know, systems you actually have control over.

And unwanted updates...

[cdxta]

Great, now users can't block telemetry and other unwanted updates without disabling updates altogether.

Re:And unwanted updates...

While I agree that is very much a downside. Patching is a mess today. Bringing up a brand new Windows 7 SP1 install and clicking on Check for Updates always leaves me with a "checking for updates" status for 12+ hours. Windows 7 has been patched so many times and it has been so long since they had a roll-up SP, that Windows Update is broken in its current form. It shouldn't be, but the architecture can't handle the plethora of things to check and dependencies any more.

I'll begrudgingly accept the loss of control for a much improved ability to actually bring a new system up.

Re: And unwanted updates...

I hear you. This week I had to reinstall 7 on a laptop at work using the recovery partition. I literally had it sitting beside me for 3 days doing updates. Check, wait, download & install, wait, reboot, wait, repeat... it was pathetic.

Re:And unwanted updates...

Strange thing is that the slowdown of W7 patching coincided with W10 release... I never had a problem before. And its the OLD patches that are slow. After the first batch (the stuff that took 30sec to start 24months ago) things are fast and smooth.

Re: And unwanted updates...

[bigfinger76]

I did this very thing last night. It had been awhile since I'd done a 7 install, and boy how things have changed. It fought me every step of the way.

Re: And unwanted updates...

[toonces33]

That's pretty much it. The thing sits at 100% CPU the whole time trying to calculate what the heck it needs to do. If the machine runs out of disk space or gets shutdown or rebooted along the way you run the risk that the internal database that it uses has become corrupt and then updates stop working altogether. The status quo is horribly broken. Will this fix it? No idea.

The article mentioned that there will be security-only rollups for enterprise customers. And separate rollups for .NYET, which suits me fine since those things are the most horrible of all in that all .NYET updates are guaranteed to be extremely slow to install.

Re:And unwanted updates...

[Rockoon]

Bringing up a brand new Windows 7 SP1 install and clicking on Check for Updates always leaves me with a "checking for updates" status for 12+ hours. Windows 7 has been patched so many times and it has been so long since they had a roll-up SP, that Windows Update is broken in its current form.

This is because Microsoft broke it on purpose to try to get more people onto windows 10.

..and here you are not only excusing microsoft for this intentional act of sabotage, you are using this intentional act of sabotage as a supporting argument for another intentional act of sabotage.

Re: And unwanted updates...

No, no, no, it's "proactive updates" but only shows up once a month ;)

Re: And unwanted updates...

Yep. Annoyingly, that 100% CPU thing is and acknowledged and fixed bug... But the patch for it only comes down in the 3rd or 4th batch due to dependencies. They could save people hours by backporting it to work on the RTM build and bringing it down first.

Re:And unwanted updates...

[JohnFen]

I'll begrudgingly accept the loss of control for a much improved ability to actually bring a new system up.

I consider an OS that forces this choice on you to be unfit for purpose.

Re: And unwanted updates...

I just did an install the other day for a VM I'm using to determine what I actually *need* windows for. The trick is the same as it always has been:
Install SP1
Install IE11
Install Post sp1 Rollup
run Windows update, if you get the long running update thing install KB3102810 manually
Reboot
run windows update
took about 2 days working on it at home while doing other stuff and forgetting i had the vm running at all....

Re:And unwanted updates...

So obviously, Microsoft's answer to "Windows 10 sucks" is to bring the fan-favorite Windows 7 and the "it's not so bad after all" Windows 8 down to Windows 10's level.

They are really pushing that "Year of the Desktop" thing for Linux. Maybe not 2016, but sometime before 2020, Windows marketshare is going to fall right into the sewers.

It may not be Linux, or rather, not Linux entirely, that benefits, but it will certainly see a significant upswing in popularity.

Now is also the time for Apple to refresh its lower-cost desktop and notebook models and to redouble its efforts on multi-tasking and keyboard friendly interface for iOS; and for Google to revamp ChromeOS and make it a truly viable alternative with local storage and applications support and perhaps even take a lesson from Microsoft and actually have opt-outs to their own spying bullshit and 'cloud' dependencies.

Re:And unwanted updates...

[unrtst]

I'll begrudgingly accept the loss of control for a much improved ability to actually bring a new system up.

It takes less time to bring an old gentoo system up to date. There's no excuse for this.

Re:And unwanted updates...

this intentional act of sabotage as a supporting argument for another intentional act of sabotage.

I suppose it comes down to what is the alternative. Apt-get update/upgrade just works. Sure that is cumulative, but you can see what is going on and only update things you want updated if you are so inclined. It is also quite quick. Pipeline a few of the fetches and it would be even faster.

So nope, I don't see any particular reason why microsoft has to do cumulative updates. Worse, this cumulative update stuff has a huge potential to hide who knows what. Certainly it is bound to include something, sooner or later, which adds new security holes...

Re:And unwanted updates...

[cdsparrow]

Install KB3102810 before you let it connect to internet and it will do initial update check in 20min. Fixes some recursive 100% CPU bug that makes it take 12+ hours.

Re:And unwanted updates...

Well you can always just download the updates once and inject them into an installer media to use for multiple computer installations.

For corporate networks on an active directory domain, there are WSUS and SCCM options.
For home networks where investing in that type of infrastructure isn't particularly desired, there are even more options available to you.

- Autopatcher ( http://www.autopatcher.net/ )
- Windows Update Downloader ( http://www.windowsupdatesdownl... )
- Windows Update MiniTool

You can then use your existing WindowsISO along with the updates downloaded above to build a new ISO that installs everything all together in one go.

- nLite ( For Win XP )
- vLite ( For Win Vista )
- rt7lite ( For Win 7)

Hopefully one of the project pages above will list options for Win 8 or 10 if you need that. I've personally not done so with anything newer than 7 so you'll have to research those on your own.

Re:And unwanted updates...

Oh for #### sake, do you REALLY think that? Given that the broken windows update meant (in my experience) that these computers could not get ON TO WINDOWS 10 EVEN IF YOU WANTED IT? So this behavior surely would result in in LESS Windows 10 installations, not more?

Windows Update is how you updated to W10. Broken Windows Update meant no upgrade. Sheesh, Microsoft aren't really that sneaky - they're just simply uncoordinated.

Re:And unwanted updates...

What you need to do is google/bing for the april 2016 rollup (mega) patch (KB3125574 for 64 bit OS, its about 486MB). It is all of the still relevant cumulative patches from SP1 (released February 2011). You'll need to download it from a special MS site that checks your PC's license & OS version (which has to be Windows 7). Also, you need to download a patch that lets you apply the rollup patch (KB3020369 for 64 bit OS, KB3020369 for the 32bit OS) Also download the IE 11 bundle (I forget why, but at some point, the patch process gets messed up without a more current version of IE). If you can, DL the may rollup patch (kb3156417 for 64bit OS) as well. (MS skipped June, and its allegedly the July rollup patch that gives many problems, particularly bluetooth.)

Then offline, install Windows 7 SP1. Then install whatever hardware patch drivers you need for your machine to work properly (For me, its a motherboard NIC patch; I put off the USB3 & audio patches for later.) Then install IE11, and the patch that enables rollups and reboot. Then install the april rollup megapatch. (It may be a good idea to run `sfc /scannow` afterwards, just to see it all got installed to MS's satisfaction). Yes it will still seem like it is taking forever, but it will be done in less than 2 hrs, and still be a much more preferable option to trying to update online a new Windows 7 SP1 install. If you have it available, install the may rollup patch. Optionally, you may have a preferred virus scanner to install; you may also want to run system cleanup. Only then go online. (Still have to validate those MS licenses...) I have no suggestions as to how to proceed with patching from that point on. (Good luck, you anal-retentive Windows 7 bastards...)

Re:And unwanted updates...

AFAICS, it's not actually on purpose - they actually released updates specifically after they found that Windows Update was broken if it tried to install too much at once (e.g. for upgrade to Windows 10)...

Of course, Windows has no mechanism for higher than "critical" priority, so they haven't been able to force you to install the updates to _fix_ this before your machine tries installing all the rest of it, but glass half full.

https://decentsecurity.com/windows-7-fast-update/ has a nice rundown of which updates you need.

Re:And unwanted updates...

Now I remember how it took "only" a few hours late last year. Pirate .iso out there have that crap baked in. Still a nightmare, that required to ugprade computers (one physical and one VM) because Windows Update didn't seem reliable at all with 1GB RAM or less, even for the 100MB or 200MB updates that were left. Some Internet guy said Windows needs 2.7GB RAM. Sure, with 3GB minus video RAM, and just over 2.7GB RAM, it worked.

I'd get by on 512MB if I didn't waste so much RAM on Slashdot threads and the like.

Re:And unwanted updates...

[Lonewolf666]

In this case, it may be honest incompetence by Microsoft ;-)

In a thread at superuser.com (http://superuser.com/questions/890038/why-is-checking-windows-update-so-slow/935299#935299) some people describe the update process as a horribly complex dependency tree the update agent has to process. The more patches add up, the worse it gets.

One guy who goes by "Dalai" has published a guide on how to shortcut the process (http://wu.krelay.de/en/).
It requires the user to manually download a few patches from Microsoft and apply them outside of the normal patching process. Those patches contain improvements to Windows Update that make the algorithm more efficient.

The problem as I understand it is that a fresh Windows 7 installation does not have those patches yet, and the original, un-optimized update algorithm gets bogged down trying to process the update dependencies (which it must do before it can install the updates). So the solution is to install those patches manually.

Third choice

[WaffleMonster]

Stop using Windows.

Re:Third choice

[Greyfox]

Easy enough to say but last time I checked if you want to do anything with the current VR headset boom, you're pretty much going to have to use Windows. Steam's OpenVR initiative makes it sound like you don't, but a few months ago when I checked their Linux examples wouldn't even build.

Re:Third choice

"boom"... I don't think it means what you think it means.

Re:Third choice

"Easy enough to say but last time I checked if you want to do anything with the current VR headset boom, you're pretty much going to have to use Windows."

Or get a new PS4 later on. Not a perfect solution, but at least one option that's not windows dependent.

Re:Third choice

Seeing as right now most of the "boom" consists of seriously overpriced tech demos...... they "boomers" can keep it. Wake me up when there are actual games that regularly support VR and the hardware has improved and dropped in price by about $300 or so. Then we can talk, until then I have one less reason to keep Windows kicking around.

Re:Third choice

[JohnFen]

Well, you could contribute and fix whatever it is that is broken for you. Or just stay with Windows.

Re:Third choice

[LVSlushdat]

Stop using Windows.

I did, about 6 years ago.. Used/supported MS products for nearly 20 years as a sysadmin.. Decided that when I retired, I was *done* with MS.. After seeing the "Windows NSA Edition" shit-show, I couldn't be happier....

Re:Third choice

[thegarbz]

Stop using Windows.

That's not a choice for many and faced with the complexity of learning a new OS + finding and learning replacement for all the software, or just ... not caring about a telemetry update or two, the vast majority of the world will happily plod along with the latter option.

Re:Third choice

That's impossible for many of us. Take me, for example. I've never used Windows for work, switched from Mac to GNU/Linux about a decade ago. But I'm also making music and no matter what the fanboys say, audio processing on Linux is a joke. I've invested a lot of money into audio plugins that will probably never be ported to Linux.

Re:Third choice

[unixisc]

When Windows 8 was out, I found using it so bad that I switched my home PC to PC-BSD. Then at one of my jobs, we had to have an app that ran only on Windows, so I got a $250 laptop which I use for any work that has to have Windows. Use that for work, but for things like shopping, managing my bank accounts, making payments, et al, I use my PC-BSD laptop primarily, and sometimes my Android tablet

Re:Third choice

Well, this attitude is how freedom will be lost. You must feel so proud (poorly) justifying it.

Re: Third choice

Audio processing on Linux is a joke? Windows supports all of three audio cards for real time processing. And even then it's a hit and miss job to get below 6ms times in anything you do.

Meanwhile, I can get real-time audio out of my shitty onboard sound card using Ubuntu studio.

I can use multiple audigy 2 cards in parallel for high end high input output work (total cost $6 per card) and not have you blow $1200 for the only Windows card that does the same thing (which breaks as soon as Windows decided it wants to update the driver to one which doesn't support asio for some inexplicable reason)

"They doesn't supports my proprietary plugins!!1!" Is not the same as "audio sucks on Linux"

Ardour is wonderful. There is no equivalent to Jack on Windows.

Maybe you shouldn't have bought shitty plugins, because high quality non vst crap works fine cross platform

Movin' on now...

This is just the kick in the pants I needed to repave the last of my non-MS computers and take them to a non-MS platform. Thanks, Satya!

Nice as a default, not as a mandate

[davidwr]

People bought Windows 7/8/8.1 with certain expectations, including the ability to opt out of a given update.

Having a monthly roll-up is generally a good idea for most customers, at least in those months with no "bad patches" (grrr). After all, that's how Apple has been doing things for its iOS and MacOS (formerly MacOXS) updates for years. If I recall, that's how they handled updates for the original MacOS (1980s-1990s) as well, except that it wasn't on a monthly cycle.

However, to suddenly change the rules mid-stream is bad PR when it comes to business customers.

At the very least, they should have a registry-key or group-policy that you can put in to "go back to doing things the old way," at least for "Enterprise," "Pro," and "Ultimate" editions.

Oh, to make things worse, they didn't announce this until AFTER the free Windows 10 upgrade period is over. Users who kept Windows 7/8/8.1 specifically so they could manage updates individually are going to be calling "foul" over this.

Re:Nice as a default, not as a mandate

[arobatino]

Oh, to make things worse, they didn't announce this until AFTER the free Windows 10 upgrade period is over. Users who kept Windows 7/8/8.1 specifically so they could manage updates individually are going to be calling "foul" over this.

It's still available from the assistive technologies page. You have to vouch that you use assistive technologies, but there's no proof required, and under the circumstances there's no reason to feel guilty (but using the magnifier for a few seconds once a year technically qualifies if that's a problem).

Re:Nice as a default, not as a mandate

[Anonymous+Brave+Guy]

We've stopped installing almost all recent updates from MS anyway, since we basically now consider them more dangerous than not patching anything except clearly identified security vulnerabilities.

My concern with the new plan is whether any machines that need a fresh installation after October will no longer be able to download the currently available updates of our choice. If Microsoft make the Windows Update system only work with the new monthly roll-ups and won't supply the previous individual patches any more, that would be significantly worse than just not offering any new patches outside of the monthly roll-ups.

Another brilliant, walled-garden idea

As a computer tech that uses Linux almost exclusively I've also serviced Windows systems for family and friends.

Here's two questions for the bright guys at MS

#1 What if I install a brand new copy of Win7 (either because of a wipe and reinstall, or brand new install) I can't get updates at all because it won't have the current update?

#2 Can you put, on paper, that your once a month update will not totally bork the windows system it's used on, and if I have to reinstall it, do I have to accept this bad update /again/ or else not have any updates at all?

Tell me, MS. Do you all have a walled community in which you test your OS to see if it'd work well enough there, then dump your buggy, insecure OS onto the masses? For you must if you think this is a good idea.

Personality I won't care. If our one office system can't upgrade. I'll leave it unpatched until you come back to the /real world/ It doesn't matter if Windows is patched anyway. This year I had to clean out systems 30 times because of malware. I'll stick with linux, thank you. I've had only one malware attack since 1998 after I moved away from the train-wreck called Windows 98 and linux runs an another office.

Re:Another brilliant, walled-garden idea

[Dracos]

#1: Updates will always be available.

#2: We could put that on paper, but we won't.

MS does have a testing community, but it's a smaller shanty town than what you might expect.

Re:Another brilliant, walled-garden idea

[Sarten-X]

As a sysadmin for mixed Windows/Linux environments with strict patching policies, here's what I expect:

#1 What if I install a brand new copy of Win7 (either because of a wipe and reinstall, or brand new install) I can't get updates at all because it won't have the current update?

The current update will be pushed automatically from the Windows Update server. Like you do now, you'll install vanilla Windows, and tell it to check for updates, and it will download the latest monthly patch. That patch will just include the fixes from previous months.

Think of it as being very similar to how most Linux distros handle package updates. Only the latest versions are automatically pulled. Older versions may still be available, but they won't be delivered by default.

Can you put, on paper, that your once a month update will not totally bork the windows system it's used on, and if I have to reinstall it, do I have to accept this bad update /again/ or else not have any updates at all?

I expect Microsoft will promise, once a month, that the updates won't break anything too badly, or they'll fix it real soon. I'd estimate 99.99% of patch installations are harmless. On the rare chance you happen to have a hardware configuration that doesn't work, there are already channels (through your MS support rep) to properly report it and get a fix.

If an update works fine except that it makes your fine-tuned software configuration need a bit more configuration, that's your problem.

Meanwhile, if you do have a problem with a particular fix, I expect that previous monthly patches will be available for download and manual installation, just like current superseded patches.

This year I had to clean out systems 30 times because of malware

Roughly one infection every 12 days? I don't think patching is going to help you. At that rate, I'd be suspicious of your users. Do they have any admin capability? Is software controlled? Do you forbid personal devices from touching company networks? Do you run a firewall and proxy to restrict web access? Do you monitor those things to make sure they're actually doing their job?

Patching workstations can only reduce your attack surface, but it cannot cure user stupidity. There are always users who will execute email attachments, or download "free new emoticons" or plug their phone into every available USB port.

I'll stick with linux, thank you.

I'm inclined to agree, but let's not get complacent. Just because Linux isn't under as heavy an attack doesn't mean it isn't also vulnerable. My favorite exploit happens to be a Linux-based permission elevation.

Re:Another brilliant, walled-garden idea

[Man+On+Pink+Corner]

On the rare chance you happen to have a hardware configuration that doesn't work, there are already channels (through your MS support rep) to properly report it and get a fix.

Whatever they're paying you, it's not enough.

Take that however you wish.

Re:Another brilliant, walled-garden idea

[epyT-R]

1. Promises != reality. Their patch engine is broken if it can't scale from a machine up to date 24hours ago to fresh RTM installs.
2. End users don't have a "support rep". They just get the patched shoved onto their machines breaking their workflows. Again, you're talking as someone working at a large company. You're big enough to get concessions. Most MS users are not. Having the ability to rollback problematic patches is necessary so these people can use their machines as intended.

Roughly one infection every 12 days? I don't think patching is going to help you. At that rate, I'd be suspicious of your users. Do they have any admin capability? Is software controlled? Do you forbid personal devices from touching company networks? Do you run a firewall and proxy to restrict web access? Do you monitor those things to make sure they're actually doing their job?

most of these policies became SOP because of these inherent flaws in windows going back to the 90s. If patching isn't going to help this, then what's the point of patching at all? Assuming the machines are admin'd properly (users not running as admin should be enough for sane systems), such malware would have to abuse vulnerabilities to escalate.

Re:Another brilliant, walled-garden idea

[Sarten-X]

Yes, yes... I disagree with the hivemind, so I must be a shill. I've danced that tune before, and since you can't form an argument apart from a personal attack, I am forced to conclude you are an imbecile. Take that however you wish.

Re:Another brilliant, walled-garden idea

[Sarten-X]

1. Promises != reality. Their patch engine is broken if it can't scale from a machine up to date 24hours ago to fresh RTM installs.

I never mentioned scaling. What doesn't scale is the idea of testing a factorial number of patch combinations.

2. End users don't have a "support rep".

Actually, they can. Microsoft has online and phone support for end users. Companies do have more thorough (and more expensive) options, but most users have options as well.

most of these policies became SOP because of these inherent flaws in windows going back to the 90s. If patching isn't going to help this, then what's the point of patching at all? Assuming the machines are admin'd properly (users not running as admin should be enough for sane systems), such malware would have to abuse vulnerabilities to escalate.

Patches are still a last line of defense. The first defense should be a firewall/proxy to stop threats from reaching your users. Then your users should be educated, preventing the malware from being executed. Then you have antivirus and active scanning to prevent the malware from doing anything bad, followed by restricted admin rights to reduce the damage the malware can cause. Then finally, you have patches, which prevent malware from working around the admin restrictions and permission checks that are already designed into the system.

Re:Another brilliant, walled-garden idea

"On the rare chance you happen to have a hardware configuration that doesn't work, there are already channels (through your MS support rep) to properly report it and get a fix."

Only if you happen to be one of their bigger enterprise customers. Otherwise they'll pretty much tell you to fuck off.

Re:Another brilliant, walled-garden idea

Nowhere in your post did you even mention the telemetry that everyone else is complaining about.
You conveniently avoid it at all that microsoft has lied hen they called somethnig a security update and it was actually spyware/telemetry.

So either you are having a different conversation that the rest of the people here or you are trying to spin somethnig. Ive seen many shills come through here and not a single one has ever admitted to it. Not saying you are but circumstantial evidence is pretty compelling.

Re:Another brilliant, walled-garden idea

#2 How do you think updates work today? If KB X updates abc.dll, then any future KB that needs to update abc.dll will also include KB X. If you don't want KB X, it's not enough to skip it, you would have to check every future KB whether it contain updates to any DLL that was updated by KB X.

Re:Another brilliant, walled-garden idea

Patches are still a last line of defense. The first defense should be a firewall/proxy to stop threats from reaching your users. Then your users should be educated, preventing the malware from being executed. Then you have antivirus and active scanning to prevent the malware from doing anything bad, followed by restricted admin rights to reduce the damage the malware can cause. Then finally, you have patches, which prevent malware from working around the admin restrictions and permission checks that are already designed into the system.

No, patches are fixes to vulnerabilities (that is, serious security-critical bugs that open up unwanted attack vectors). Don't sugar coat it.

And TBH, the proxy is just a useless measure. There's no proxy that will do a remotely good job out there, it only gives you a false sense of security, and most of the time it just gets in the way of legitimate, safe browsing.

Think of windows as the toddler that just learned how to walk. It can't go to the web without a proxy holding his hand. That's not a good state of thing for the long run, you want the toddler to eventually learn how to walk firmly and securely, learn how to cross the street safely, how to avoid drug dealers and muggers. Danger is out there, but you want your kid to learn how to avoid it.

Windows in that analogy isn't just windows the OS, it's the combo os+user. If the user does stupid things, the OS will behave stupidly. Same thing can happen to Linux, but linux just has a more mature design, where privileges are more clearly separated, where common practice is to deny yourself admin rights 99% of the time, except for that particular command that needs it (no sane linux user would "sudo firefox").

So IMV the proxy is a useless tool even at enterprises. Even if you want it to stop people from accessing Facebook. They'll find a way if they want to, to kill time and not work if that's the goal. You want to change their goal, make them want to work, not force them out of Facebook. The proxy just can't do its intended job since it's just not the right tool, it cannot encode the right rules. I've seen proxy rules block important work-related tasks at companies that used them, hurting their employee's productivity rather than helping.

Re:Another brilliant, walled-garden idea

[Sarten-X]

Nowhere in your post did you even mention the telemetry that everyone else is complaining about.

Why should I? That's a popular topic for discussion elsewhere under this story, but not in this thread.

Personally I find the objection to telemetry to be ridiculous, as it's based on the paradoxical trust in Microsoft's software, but not Microsoft's corporate governance. Frankly, if Microsoft was intending to do something nefarious, they wouldn't label it "telemetry" in the changelog. If a government wanted to spy on you, they wouldn't seek Microsoft's overt help. On the other hand, if you want your systems to improve based on the collective experiences of others, data collection is essentially necessary now. Better controls would be nice, but that just opens the door to still more paranoia.

You conveniently avoid it at all that microsoft has lied [w]hen they called somethnig a security update and it was actually spyware/telemetry.

Why not both? Offhand, a good example of this would be the SmartScreen filtering. To a security-focused person like me, having a hash check on files from the Internet is a good thing, because it's an additional layer of defense against malware, and that's worth the incredibly-minor loss of privacy. To a more paranoid observer, any usage information sent to Microsoft is spying for ulterior motives, and the loss of privacy is unforgivable, no matter the possible security improvements.

So either you are having a different conversation that the rest of the people here or you are trying to spin somethnig.

There's a third option that you're neglecting to acknowledge: that the conversation isn't as one-sided as you seem to prefer. My motivations are apparently different from yours. I prefer system security over user preferences, while you appear to prefer privacy over data-driven management. As a result of those different preferences, we want different things from the same product.

Ive seen many shills come through here and not a single one has ever admitted to it. Not saying you are but circumstantial evidence is pretty compelling.

Alternatively, you've seen people with different perspectives, and you stubbornly refuse to believe that they might know a bit better than you. Not saying you're an ignorant buffoon, but the circumstantial evidence is pretty compelling.

Mockery and derision aside, you should go look through my comment history. Some of the more scathing anti-Microsoft posts are rather far back, but they're there. As far as "circumstantial evidence" goes, I suspect you're looking at this one single opinion on one single issue, and using that to infer my opinions on all matters. You don't even know my circumstances at all.

Re:Another brilliant, walled-garden idea

Actually, they can. Microsoft has online and phone support for end users.

HAHAHAHAHAHAHAHAHA! HAAAAAAA!
I take it you've benefitted mightily from these experiences, then? answers.microsoft.com is completely useless. Completely. Every time I need help beyond my experience and don't want to pay a technician for it, the answer has come out of any other forum website or wiki than Microsoft resources. And I really don't have time to spend hours on the phone with Jamal from Hyderabad who's going to ask me if I rebooted and if I reinstalled the drivers and.....
Prove me wrong in a non-shill like fashion.

Well, I guess they want to get rid of the rest

I am a developer. I have a Windows 7 install inside a virtual machine to do that development work. If they think they are going to push crap I don't want onto my computer they are just nuts. I have already relegated them to a virtual machine. The next and only step is for me to discontinue all Windows dev work and move solely to Linux. I think the only people they want running Windows is the ones who have no clue how to use a computer.

I stopped Win 7 updates long ago

[blind+biker]

I have no complaints, my computers work flawlessly.
I look over at the Windows 10 folks, and feel a bit of pity and a bit of indirect embarrassment. But only for a second or two - then I get back to my work. Because that's what my PCs are for.

Re:I stopped Win 7 updates long ago

I have no complaints, my computers work flawlessly.
I look over at the Windows 10 folks, and feel a bit of pity and a bit of indirect embarrassment. But only for a second or two - then I get back to my work. Because that's what my PCs are for.

After years and years of believing that regular OS updating was the best thing to do, Microsoft has shown me otherwise. This is the last straw. No more updating for me.

Re:I stopped Win 7 updates long ago

I disabled everything last December, after they started re-enabling win10 downloads and stopped documenting what patches did exactly. It may be less secure, but there are so many holes in Windows, including in the new updates, that I don't think it makes much difference. For anything important I don't use Windows anyway.
At our company we are moving to an (practically) air-gaped company network, without only a screen-cast of a browser running in a (linux) virtual machine available to the workstations, also for non plain-text e-mail access. We already moved away from closed source server software, closed server operating systems and moved everything on the Windows 7/8 desktops to open source software as far as practical and have tested open source alternatives for the rest in case we are forced into something.

Re:I stopped Win 7 updates long ago

[PhantomHarlock]

I also stopped after the first few Win 7 service packs - everything's running great. If it ain't broke, don't fix it. They got all the major stuff ironed out early. I have not had a crash or a problem in many years.

This is fine for a home user who runs with noscript and adblock plus and is very careful in general with security. I wouldn't try to force that paradigm on my family or anyone not a serious computer enthusiast, however.

Re:I stopped Win 7 updates long ago

This. Bought a new computer about a month and half ago. Installed Win 7 SP1 direct from a Microsoft ISO. Turned off updates immediately. Everything runs fine, even the latest games/software. No problems. No downloading updates. Perfect OS.

Re:I stopped Win 7 updates long ago

Yep, my 7 computers are all updated to February 2015. Since then, no updates are to be trusted. At least 40 are spurious attempts to saddle 10 unwillingly upon my hardware.

List is in the comments, and is only the ones through March this year:
http://superuser.com/questions...

Re:I stopped Win 7 updates long ago

Dear Battery,
>my computers work flawlessly.
Apart from all the viruses you have. Or will have as they will enter via unpatched security holes in your shitty microsoft applications you use.
The ONLY solution is not to use Windows at all.
Either you use AND patch it, or you do not touch it. Simple.

Could be the end for me

[lurker412]

I've been a Msft user since the earliest versions of MS-DOS, which means that I've put up with a lot of crap but kept on as things slowly improved. I have been burned by a number of updates over the years, so I install them manually after checking them out one by one. It's a pain, and some destructive stuff has slipped through from time to time, but I could always uninstall or fall back to a restore point if necessary. It would be nice if I could just trust Msft not to screw up my machine, but sadly, they haven't earned that trust. The choices are rather grim, as I don't want to forego security updates. I'm hoping there will be a large enough outcry that they back off before I have to move to another platform.

Re:Could be the end for me

I've been a Msft user since the earliest versions of MS-DOS, which means that I've put up with a lot of crap but kept on as things slowly improved. I have been burned by a number of updates over the years, so I install them manually after checking them out one by one. It's a pain, and some destructive stuff has slipped through from time to time, but I could always uninstall or fall back to a restore point if necessary. It would be nice if I could just trust Msft not to screw up my machine, but sadly, they haven't earned that trust. The choices are rather grim, as I don't want to forego security updates. I'm hoping there will be a large enough outcry that they back off before I have to move to another platform.

nah buddy, just install ubuntu/xubuntu and forget it. i did from windows server 2008 and never looked back

Re:Can't have customers removing spy^H^Hecurity pa

Now that they've ended the 'free' upgrade they need to start adding all those patches that slow Win7 down and introduce all the extra dialog annoyances like they did with XP.

So what do we do when...

[SeaFox]

we have certain patches that cause issues on our systems and others that are fine?

Even if patches are all installed as a single block, there's going to be problems if users aren't remove individual KBs as needed.

Re:So what do we do when...

You get on that upgrade treatmill and you ride it, soldier! Left, right, left, right, left, right.

Microsoft Update Catalog about time it's no logeri

[Joe_Dragon]

Microsoft Update Catalog about time it's no longer IE only.

Isn't it obvious why they're doing this?

[ZorinLynx]

Microsoft wants to make using older versions of Windows as annoying as possible for IT departments, to try to push us to move to Windows 10.

Corporate IT departments tend to be the biggest holdouts for moving to new versions of Windows. If a business is running fine on Windows 7, there is ZERO reason beyond security updates to move to Windows 10. Now they're giving us an artificial reason: If a rolled up update breaks something, we have to roll back the ENTIRE batch. Even any included security updates.

Microsoft wants their licensing revenue, and they want fewer versions of Windows to support. This is their play.

Re:Isn't it obvious why they're doing this?

Microsoft is one of the richest and most profitable companies in the world. They don't need to worry about what they want so much and should focus more on what the users want.

Re:Isn't it obvious why they're doing this?

[rastos1]

Microsoft wants to make using older versions of Windows as annoying as possible for IT departments, to try to push us to move to Windows 10.

So they think, that people who do not like forced updates and telemetry will resolve the problem by upgrading to Windows 10? That does not make sense.

Re:Isn't it obvious why they're doing this?

[NotInHere]

No, but Windows 7 and 8.1 won't be "safe harbours" anymore, so the disadvantage of windows 10 will be smaller.

Either way, I like it that microsoft makes so many windows users angry, maybe now they switch to in my eyes better alternatives like linux.

Re:Isn't it obvious why they're doing this?

[JohnFen]

So they think, that people who do not like forced updates and telemetry will resolve the problem by upgrading to Windows 10? That does not make sense.

It makes a certain sense. At this point, most everyone who hates Windows 10 and isn't allergic to switching to a different OS has already done so. Those who hate Windows 10 but don't want to leave Microsoft's nest are hanging back with 7. If the can give 7 the major disadvantages of 10 it will make it more likely that those users will "upgrade" to 10 sooner.

Re:Isn't it obvious why they're doing this?

[dcollins]

On the other hand, the IT at my university are the biggest Windows-boosters I've ever seen. Apparently never heard of anything open-source. Push "free" Microsoft trial products on everyone at any turn. Had the head of IT in the last semester claim at a department meeting that, "Windows 10 was entirely rewritten from scratch so it's much more secure." Updated all the classroom computers to Windows 10 a few weeks back.

Re:Isn't it obvious why they're doing this?

Our IT department (for a 10k desktop employee financial company) recently looked at upgrading to win10... their conclusion is that purely for data security reasons, and compliance with data protection law, we need to rewrite the non java (mainly .net) in house applications we have in jave, rebuild the java software we do have to work under linux (where actuly needed) and abandon windows desktops entirely. They believe that even with full windows 10 enterprise controls in place there is too much risk that customer data could transfer/leak to microsoft breaching our compliance with the law.

Re: Isn't it obvious why they're doing this?

You must work for National American University, huh?

Re:Isn't it obvious why they're doing this?

[aralin]

Actually they are doing it because of continuous integration. You will find out very quickly that there is no patching possible with continuous integration. There is only one path and only one direction, forward. No branching, no exceptions. Companies that switch to it always get to this point very quickly.

Re: Isn't it obvious why they're doing this?

[dcollins]

No, I do not.

What they really mean

[TommyNelson]

Microsoft says their new approach "increases Windows operating system's ability to send telemetry data by pushing such functionality even on those users who up to now were able to avoid them by not installing the corresponding patches."
FTFY

We need a new image, or a big list of KBs

Does anyone know if there's a site out there that lists all of the KBs required to bring a bog-standard fresh Windows 7 install up to "Current As Of August 2016" minus the telemetry and GWX updates? I'd like to prepare for this change by downloading ALL of the necessary updates as offline installers, and keeping them archived locally. So that going forward, I can reinstall Windows 7 and patch it up to "Current As Of August 2016" levels.

Alternately if there's a Windows 7 Ultimate image with all of this shit slipstreamed, that would be even better. My image is from 2013 from Digital River.

Re:We need a new image, or a big list of KBs

[Sarten-X]

A quick check of my WSUS server (covering Win7, Server 2012, Server 2012 R2, and Office 2013) shows 6600 updates.

Good luck.

Re:We need a new image, or a big list of KBs

[Anonymous+Brave+Guy]

For comparison, the Win 7 Pro machine I'm running this on has a little over 200 installed security updates (relative to Win 7 SP 1, I assume). It also has about 100 other updates, the overwhelming majority of which were installed by the supplier before delivery since I stopped installing non-security Windows updates by default long before this machine arrived.

I, too, would love to see a slipstreamed image that could be used to reinstall Windows 7 if necessary after this new silliness has taken over.

MSDN isn't going to have the individual KB's?

I bet there's a way to get the updates you critically need w/o the rollups for subscribers, if not... MS is setting their asshole on fire preemptively.

Re:Fuck you, Micro$hit

[Z00L00K]

I really wonder if this would go well with major corporations since they usually pick only individual updates and exclude some that may cause interference with other systems.

Broken as shit

[darkain]

With the number of absolutely fucking BROKEN updates that brick machines that have been pushed down the pipes, this is just going to send machines into a fucking nightmarish hell of instability.

Called it

[Kjella]

From when they announced cumulative updates:

But I don't see Microsoft going back to redo a patching system they've thrown out in Win10 to do us a favor, it seems far more likely they want to bundle it all from security patching to ads to telemetry to nagware.

Still hoping there will be separate KBs that you can install/uninstall for corporate/expert users and that the cumulative update is just what they push on the update site but since they've become plain evil lately it's hard to say.

Re:Can't have customers removing spy^H^Hecurity pa

Exactly. This is just another way to get their spyware/malware onto Windows 7 and 8 computers! Glad I am totally M$ and Windows free now!!

Turn Off Windows Update Service

For some reason Anti-Virus vendors have not marked this service as Malware yet. I have a sneaking suspicion they are taking bribes from Microsoft for this malware behavior. Any other entity, and it would be classified as malware.

Security Through Control

Microsoft needs to keep its assets secure. The integrity of the collected telemetry and marketing data is paramount. BY Microsoft retaking control of its computers, secure data can be collected from users of Microsoft's computers.

Microsoft has every right to lock down and control its hardware. People have had far too much control over Microsoft equipment.

Re:Security Through Control

[LVSlushdat]

I sure the hell think you forgot the /s there, Sparky.. You seem to have forgotten that those computers fucked up by updates are NOT MS's computers, they belong to the USER (or his company).. Microsoft has every right to go right out and FUCK ITSELF.... Of course, you're an AC.. I shouldn't be surprised that you're a shill for MS...

Re:Security Through Control

Seems you need to upgrade your sarcasm detector... New drivers for it will be in the monthly update.

Satya Nadella is a failure

This broken company with its broken software can't do anything right.

Corporate clients

[Kindaian]

will be jumping of joy with this.

Lets break all our business applications due to an update that can't be tested before hand and that is mandatory.

Just great.

Rural 'net

Hahahahaha. This is like, the best "fuck you" they can possibly do for people who have really slow Internet connections. People living in rural areas probably didn't mind the smaller as-they-come updates, but these giant blobs are going to wind up doing the opposite of Microsoft's vision.

Re:Just another old loser

[bondsbw]

They deserve it, at least this time. I generally like the direction Microsoft is going, except their update policy. The cumulative updates for Windows 7 since June have screwed up Bluetooth and they even acknowledge it in their KB article. I would like to just uninstall the piece that has the bug, but I have to uninstall the whole rollup update.

Why can't Microsoft just open source everything and play nice with the development community without making me cringe every time their update policy changes?

Not the complete story / Security-only updates

It would have been nice if the submitter and Slashdot editor would have taken the time to actually read/report the rest of the blog posting:

"Security-only updates
Also from October 2016 onwards, Windows will release a single Security-only update. This update collects all of the security patches for that month into a single update. Unlike the Monthly Rollup, the Security-only update will only include new security patches that are released for that month"

That sounds like a good solution for the rest of us who don't want all of the other "performance improvement" patches.

Re:Not the complete story / Security-only updates

[ilsaloving]

The only problem is that Microsoft has a very loose definition of what defines a "Security" update. They've already demonstrated that they will outright lie about an update to get people to install it (eg: Telemetry)

Re:Not the complete story / Security-only updates

Microsoft's idea which updates are security updates is sometimes shady.

Re:Not the complete story / Security-only updates

Exactly.
Seems someone big at Microsoft wanted to destroy Microsoft intentionally. Probably an Apple or Google snitch planted inside Microsoft building.

Re:Not the complete story / Security-only updates

Also from October 2016 onwards, Windows will release a single Security-only update.

Microsoft seems to feel particularly insecure about people running computers that are not sending continuous streams of usage information back to them. Therefore, all telemetry updates will be considered security updates. Their security.

Re:Not the complete story / Security-only updates

[treczoks]

And the ultimative scurity update for win7 / win 8 will be the update to win10.

Jawohl, mein Führer!

[OneHundredAndTen]

Except that I have no use for the trash that Microsoft produces Once again, consider yourself middle-fingered, Microsoft.

Makes it easy for crackers, though

[raymorris]

I absolutely understand why you'd say that. I've done that. However, the first thing the bad guys do when they want to break into a system is check for unpatched software. If you're running versions with known vulnerabilities, that makes things really easy for the bad guys.

So what can you do? For me, I use Linux and OS X. Yeah, if you're the type of person who enjoys fiddling with the registry, there's a learning curve. On the other hand, if you normally open browser when you sit down at your computer, Firefox, Chrome, and Opera are pretty much the same on any desktop OS.

Re:Makes it easy for crackers, though

[geoskd]

If you're running versions with known vulnerabilities, that makes things really easy for the bad guys.

Windows itself has become an unpatchable vulnerability because Microsoft *are* the bad guys, and they have the keys to the kingdom. Enabling / Disabling Windows update is now a lose-lose proposition. If you are stuck with windows, your only choice is whose malware you want installed on your computer...

Re:Makes it easy for crackers, though

[buss_error]

For the family, I got them inexpensive PCs without hard drives (a live boot dvd which I make for them so the printers and internal things work) and tell them to use that for going on line for web surfing, browsing, and banking. Everything else, use the normal PC with windows which is no longer allowed an Internet connection at the router (deny the MAC address for inbound and outbound packets, allow the internal network). It's not perfect but I've not had to work on their systems for several years now for much beyond failed hardware.

Very little of the Microsoft updates are actually needed for personal use if it doesn't connect to the Internet, and those that are needed I hand carry on USB drives.

Re: Makes it easy for crackers, though

My university does something similar. An image of the OS is rewritten every time the system boots up. So even if some may ware did sneak onto the OS partition, it would be squished next time round.

Re: Makes it easy for crackers, though

[SScorpio]

They are probably using SteadyState which is great for a computer lab environment.

Re:Makes it easy for crackers, though

you are already running malware on your computer, if you are running Windows. The BEST, in fact. the TRUMP of malware, YUUGE.

Re: Makes it easy for crackers, though

[MrNiceguy_KS]

Could be DeepFreeze, also

Re:Makes it easy for crackers, though

Total B.S.
WinXP SP1 with no updates applied, no flash, no java plug in, certain Windows services disabled, and an Ad blocker in Firefox and the machine is pristine and works perfectly.
Same with the Win7 and Win10 system with ZERO updates even.

Stop being afraid of the software you paid for. Make it behave (no phoning out of the PC) and then use it.

With this setup you do not have a license to use anything. You OWN everything and it cannot be taken from you by a remote corporation.

That's why I'm still on Vista

[jfdavis668]

Supported, but the normal way. Not this crap.

Re:That's why I'm still on Vista

[sound+vision]

It's only supported for another 6 months. Thankfully, the only reason I need Windows is for games... and the security updates aren't critical there, as long as you keep it off the internet. (yay single-player)
Hopefully by the time I build my next box it'll be the Year of Linux Gaming. ...But I figure I'll have enough power to run the games under WINE or in a VM by then.

Re:That's why I'm still on Vista

Hopefully by the time I build my next box it'll be the Year of Linux Gaming.

Don't hold your breath. SteamOS adoption has not been encouraging.

Not completely true...

[normanjd]

Enterprise customers will still get to pick and choose updates, so likely it is only the "Windows Update" that will be the cumulative only package. You can still manually download individual patches (at least if you have paid support.)

Re:Not completely true...

Got any evidence of that? Everything on that blog post makes it look like enterprise users can do a security only update instead, but still can't do individual updates.

Figures

I am still on 7 since I was able to pick and choose which updates to install. I don't want to go to 10, I have video cameras and software that hasn't been tested / approved on 10. I do as much as I can on Linux so I am down to one 7 machine. I wonder what fallout there will be when something doesn't work. Hopefully they get sued a lot. Really getting tired of their crap.

Linux forever!

Re:Can't have customers removing spy^H^Hecurity pa

[daid303]

Well, I never cared too much about those. But I did disable all updates about a month ago on my Windows7 and my GF Windows10 laptops. Why? They repeatedly fail to installed. Causing a loop of "using 100% CPU for about an hour, reboot, fail to install, reboot to roll back, and then using 100% CPU again the next day trying to install the update again."

After repeatedly fixing those updates, I gave up and just disabled all updates. (which was easy on Windows 7 and a pain in the ass on Windows 10)

Internet Connection Volumne Per Month

I ask myself if Microsoft realizes that a coupe of million users still logs in via UMTS and connections not larger than 300 MB per month in total transfer volume?
I have such a case in my family and bring updates for windows via USB stick every once in a while (once per year) as there is no other way updating my mothers PC and she refuses to accept that i pay for her internet flat rate.

BTW, this is German 2016 and the reason is that internet of higher quality and volume is unattainable for a reasonable amount of money in her city which is the 10th largest in Germany as of March 2016. I need to add she is poor by international standards as roughly another 20% in Germany, but such news don't spread over the borders anyway, I guess America can sing a similar song.

I explained her that next time i come she will switch to Linux and we will have a Linux training session all over Christmas. Ye!

Re:Internet Connection Volumne Per Month

Good work AC, you are doing the Lord's work. Respect.

MS to face massive Class Action Lawsuits

EULA is not going to protect them from the massive amount of damage they are about to unleash. Responsible companies will have to get off MS.

Re:Just another old loser

[geoskd]

Why can't Microsoft just open source everything and play nice with the development community without making me cringe every time their update policy changes?

Because Microsoft is not in the business of giving anything away free (as in freedom or beer). The only reason it didn't cost you money to "upgrade" from win 7/8 to win10 is because win10 isn't the product, *you* are. Microsoft is in the business of wringing every spare dime out of every source they can get. Everything they do is with an eye towards that end. They gave up on selling an operating system to get money from you because as a target of advertising, you are worth far more to them than a measly hundred and fifty bucks every few years. The advertising revenue per person for targeted advertising like that provided by search and by those who control the OS, are worth several hundred dollars a year per computer in ad revenue.

TANSTAAFL

I just figured it out.

I have thought long and hard as to what Microsoft must be thinking. I think I have finally figured it out. After all these years it finally occurred to them that Apple has the right idea. (Keep in mind I am not an Apple fan). Hear me out, this really makes sense. With as large of a user base on varied hardware that MS has accumulated over the years, it has become nearly impossible to cover all use cases. They figured out that if their user base was smaller and less varied in skill levels, they will not have to work nearly as hard at trying to put out acceptable software. Malware writers will turn towards attacking other platforms more because MS no longer is profitable for them due to the smaller user base. This left MS with a serious dilemma, how to reduce the user base while keeping the less skilled users. Their first plan was Windows 10, lets face it, anyone that knows anything about computers would NEVER use Windows 10. They figured offering a free upgrade would get EVERYONE to try it and those with half a brain would try to revert back to their previous systems which of course would fail leaving them the only option of either reinstalling Windows 7, 8, or 8.1 OR installing another platform. Those that went back to previous OS and those that didn't fall for the free downgrade, I mean upgrade, to Windows 10 and stayed with whatever version they already had were a much larger number than MS expected. This left MS to try to needle them into going elsewhere by trying to force telemetry etc down their throats. Alas, third party programmers messed that up for them by releasing tools to prevent it and or instructions as to how to do it manually.
Now, MS has had enough. They have decided it is time to force those users to leave the platform because they have demonstrated that they are the users that MS no longer wants. The easiest way to do that is to FORCE all users to accept whatever updates they send regardless of what it may or may not do. They know that enterprise users and power users which are no longer their target customers will never sit still for this. They know the first step will be turning off all updates. They also know that without updates, those users will be looking for a new platform. BAM, MS now has a smaller user base which is easier to manage and they don't have to worry about those Power Users changing the settings on that computer that apparently belongs to MS. They also will no longer have to worry about 3rd party programmers putting out software to compete with their useless programs anymore.

See, once you think about it, it all makes sense.

will the creepers update too?

MS are running an 'exchange student' programme - 'bash' is available in Winloze, and now PowersHell is in Linuxland. How long before you need MS's monthly rollup to keep PowersHell running on your (previously more secure) Linux system? How many backdoors, spyware and malware vectors are being foisted on the FOSS community? MS's plan - take over Linux - servers first, as this is major competition for their own 1/2 baked sh!t.

Hahaha - captcha = "infects" .. I kid you not.

Re:will the creepers update too?

[LVSlushdat]

ANYbody who uses that brain-dead piece of shit called PowerHell on Linux needs to have his head examined, or better yet committed to an insane asylum...

Re: will the creepers update too?

You could say the same thing about systemd, yet here we are.

Re:Can't have customers removing spy^H^Hecurity pa

You can try running `sfc /scannow` in an admin console window. If it says it repaired corrupted entries, you can then try rerunning the patches (and run another `sfc /scannow`). No guarantees that it will resolve the problem, but that's Microsoft.

Re:Just another old loser

[LVSlushdat]

Thats all well and good that those who took advantage of the "free" Windows 10 are the "product" for MS to milk.. BUT.. Now that you actually have to *buy* Windows 10, these copies of Windows 10 are like the old versions, either you get it on a new machine or you buy a boxed retail disk or perhaps, for system builders, an OEM copy of it... People who have had to *buy* Windows 10 since the end of July have a seriously valid greivance against MS, and I'd be surprised if some very hungry lawfirm (or group of lawfirms) don't spin up a class action suit against MS for "double-dipping", namely datamining both "free" copies AND purchased copies... I'm sooo glad I gave up using MS products about 6 years ago, after using/supporting said products as a sysadmin for close to 20 years...

MS Windows users have easy options to migrate

[chris2net23]

There are companies that sell and support GNU/Linux hardware today. It's not terribly hard to go and find hardware. ThinkPenguin's got hundreds of computers and peripherals that all work out of the box and unlike the majority of hardware on the market come with proper support so you don't have to worry about losing it during an upgrade.

There are also efforts to free us from the treachery of the few proprietary components that remain, but it's a bigger uphill battle. Intel and AMD are working against us instituting proprietary components on core components (ie the CPU). These components contain malicious software including remote control functionality. It's sold as being for corporations, but you can't disable it, you can't remove it, and even if there was a feasible means of reverse engineering it replacement firmware won't load as Intel/AMD are signing these components. We know for a fact that backdoors are being inserted into peripherals and computers alike. Where the US is forcing it into CPUs designed by American companies that ship with all modern laptop and desktop systems the Chinese are incorporating it into keyboard controller firmware (home grown ARM laptops, though there is a OS level component needed as well).

If you want NSA-free computers check out the effort to do that here: https://www.crowdsupply.com/eo... (there are already finished prototypes, the campaign is to bring a small number, 250-500 units into production, before a larger roll out, mass production can happen).

All Your Updates Belong to Us

We control the vertical, the horizontal, and all your fucking updates. - Microsoft.

Telemetry

[Bert64]

So much for trying to blacklist just the telemetry updates then...

This is bullshit

I don't care about Windows 8 ot 10. Those users are already fucked with telemetry up their asses.
But don't fuck with Windows 7.

Re:This is bullshit

[ilsaloving]

I hate to break it to you, but Telemetry was backported to Windows 7 as well.

Re:This is bullshit

[sexconker]

You can avoid it if you choose to not install the individual updates,

Re:This is bullshit

Which is exactly why they're removing that choice.

Your problem is Störerhaftung

[tepples]

Germany might be a special case because of Störerhaftung, its presumption of liabilty of operators of open Wi-Fi hotspots for their users' infringing or otherwise illegal activity. In any other country, users who rely on UMTS, LTE, or satellite can take their laptops to a restaurant or public library to use unmetered Wi-Fi.

They are also releasing a Monthly Security Rollup

They are also releasing a Monthly Security Rollup that only includes security fixes. So you're choices are:
1. take only the security rollup
2. Take the monthly rollup that includes security and non-security related patches
3. Stop taking any windows updates
4. Stop using windows

I've already been testing whether or not I need Windows....

Yes

[thegarbz]

Their collected telemetry shows yes. Except that it's not stupidity, it's just that most people don't give a shit.

Is this because we ignored windows 10

The current system has worked fine for a very long time, this is about people not installing windows 10 nagware updates

Stop updating completely? Methods and comments

[Futurepower(R)]

Quoting the parent comment, with modifications: We've seen Microsoft's continuous stream of lies and incompetence... including a number of "bugs" and "mistakes" that appear deliberate.

An article I wrote last year, Microsoft Windows XP "end of life", makes the point that Microsoft fixed 319+828+459=1,606 bugs in Windows XP since Windows XP SP1 was released. Now Microsoft says Windows XP is still too buggy to use. We have 16 computers running Windows XP and haven't had any problems. And software does not have an "end of life", it continues to do what it always did.

Why do Adobe Flash and the Windows operating system have so many vulnerabilities? Do Adobe Systems and Microsoft sell vulnerabilities to secret government agencies and fix them when they are publicly discovered?

Ideas:

1) Use Autopatcher until Microsoft's begins its new system of hiding even more completely what it is doing with its updates.

2) Don't allow any Microsoft operating system to have a connection to the internet. Use Linux on a separate computer on a separate network for internet connections. Use Bluetooth to communicate between the Windows OS network and the Linux network.

Re:Stop updating completely? Methods and comments

[Kvasio]

Idea with higher priority: use some software, such as "WSUS Offline Update" to make a backup of past patches, so when you reinstall, you get Win7 patched as for mid-2016, and not 2006 nor Win10.

Re: Fuck you, Micro$hit

I was thinking the same thing. My corp is very picky as to what updates they pushed. I'm wondering if MS has a plan in case they get push back. I get very annoyed with MS because just when they look like they are finally getting it they do something bone headed like this.

Re:Can't have customers removing spy^H^Hecurity pa

they should try making the telemetry update not suck massive hairy balls
because when i have it, every reboot, my hard drive goes absolutely crazy and the computer is unusable for at least 5 minutes, and if you uninstall it it works again and the hard drive doest sping like a helicopter on coke

i dont care about their spying per se, but when those patches screw with the proper operation of the system then i dont install them, not because of the spying, because they are SHIT patches

maybe you guys are using ssds and stuff like that but i have a pc from 2008, its probably not even the latest sata version, but the diagtrack update (the telemetry one) totally destroys the computer for 5 minutes after every reboot

the problem with microsoft goes way beyond their retarded poo in the loo level decissions, they cant make their stuff work properly either, I mean even with a system that spies on people and has a terrible gui or whatever, if everthing works, it has value, but their stuff is subpar to the point they can release a free operating system and most of their users prefer to use older operating systems

its a massive epic fail anyway you look at it

and how they fuck are you gonna enforce it

and how they fuck are you gonna enforce it, and m constantly now having an urge to beat up microsoft people and americans ...see what your doing.....your turning me into a terrorist OHHHH NOOOO

Re:and how they fuck are you gonna enforce it

They'll enforcing it by not providing individual updates as individual downloads. What you do with the roll-up updates is up to you.

BUY windows 10

BUY windows 10 ...We know your a retard if you want our software , so don't worry we'll spy on everything for you....place a camera n and have it rotate and we'll even watch your wife and kids cause we gotz perverts too

lol

the entire win 10 OS is a virus why the hell would i ever want that.....EVER you could make 7 slower then windows 1 , id still never want it....9 or 8

Re:lol

[Lisias]

the entire win 10 OS is a virus why the hell would i ever want that.....EVER you could make 7 slower then windows 1 , id still never want it....9 or 8

Being that the precise reason they are slowly turning Win7 into Win10. Patch after patch.

Before / After Win 10

Before MS started trying to force Win 10 upgrades, I did the following:
- used Win 7 SP1 and allowed it to update
- recommended Win 7 to people
- played with Linux and OpenBSD but didn't use it for my daily driver

After MS pulled the Win 7 telemetry update shit and tried to force Win 10 upgrades deceptively:
- switched my main box to ESXi with a Xubuntu and OpenBSD 5.9 system that I alternate between
- recommend Linux Mint and other Ubuntu flavors to anyone who asks
- show people how Win 10 is likely spying on them (wireshark packet capture data with hundreds of TLS connections to MS servers, sending large amounts of data)
- won't use Win 7 again after learning that they're going to try to shove telemetry updates and other badware down users' throats like in Win 10
- might use a pirated Win 10 install vlanned off onto its own quarantine vlan to play games (not even browse)

I'm guessing there's a fuckload of people like me who reached the limit of what we'll tolerate from MS. Good job, Satya.

Re:Before / After Win 10

Before MS started trying to force Win 10 upgrades, I did the following:
Used macOS

After MS pulled the Win 7 telemetry update shit and tried to force Win 10 upgrades deceptively:
Used macOS

I think not,

[God+of+Lemmings]

my friend Mr. firewall would like to have a discussion with you.

"we own your computer we'll do what we want"

[God+of+Lemmings]

With this kind of attitude, I think its probably a good time for a non-microsoft influenced operating system to make its move into microsoft's bread and butter.

Re:Fuck you, Micro$hit

[haruchai]

Some of our Windows systems that run proprietary software are only allowed to have updates approved by the respective vendors or our service contract for that system can be voided.

Impossible task

Looks like securing Win 10 and making sure all your drivers and applications to work flawlessly is already an impossible task with Windows 10.
But would be very easy to do with Ubuntu or Mint. Linux being more user friendly than Windows these days.

Re:Can't have customers removing spy^H^Hecurity pa

I guess they really didn't like people removing telemetry KB updates.

I forget which of the "improving the update experience" updates it was, but it was in my optional updates, and I selected it and told Windows to hide it. It was back the next day (I'd applied updates to RDP, and some follow-on updates came down immediately, dragging the telemetry crap with it).

Re:Fuck you, Micro$hit

Some of our Windows systems that run proprietary software are only allowed to have updates approved by the respective vendors or our service contract for that system can be voided

And those lazy vendors are now forced to support cumulative updates because there literally will not be any other choice. Don't you see? Those vendors are the ones that are now being bitchslapped into submission and forced to keep up. They will have no choice but to approve the cumulative updates because that is how to keep systems security. Their 'we have control' mentality is being kicked to the curb.

(However, it is easier for them - no longer do they have to pick and choose what to support, they merely have "Windows 7." Hopefully, it means everyone will have the same C++ runtime, for example, the same .Net framework etc. etc.)

It's not about security it's MS being cheap

Microsoft fired a huge number of their testers about a year ago. They probably finally figured out that they can't do reliable compatibility testing with their current manpower so now they are trying to reduce their costs by reducing the number if in-the-field configurations that they have to support. Unfortunately this will really hit 3rd party business app developers who were able to disable individual updates when they unexpectedly killed their app until they found a fix. In the end this may actually backfire if. Given a choice between killing a critical line of business app or disabling updates guess what most businesses will do. To reduce outage potential from MS updates I suspect many more developers (I already have a few) will now release their own (delayed) update schedule in order to make sure that nothing MS did will kill their programs. And that will leave businesses unprotected for longer period of times until each of their critical software venders give them the go-ahead for the next update.

Can't wait for Patch Blockers

I can't wait to see them bringing Law suits against End Users for Blocking their Patches and Ads.. "stealing Windows Leased operating systems"

Re:Can't have customers removing spy^H^Hecurity pa

The NSA is probably kicking their ass behind the scenes cos they're not doing a good enough job keeping to the terms of the NSL.

How long until...

[erp_consultant]

the monthly patch includes Windows 10 - whether you want it or not?

Going to stop applying updates

I think I'm better off taking my chances with malware than allowing Microsoft to put anything they want on my computer without me having any ability to know what it is, so I'm going to stop applying updates. I think I'll run Outlook and my browser in something like Sanboxie instead. It's really sad when you can't trust your OS vendor not to plant spyware and adware on your computer, just like the rest of the bad guys do, but Windows 10 has shown us that's that situation we now face. My longer term goal is to switch completely to Linux (I use Linux for certain things but not as my day to day desktop or laptop), but that's going to take some time. One thing is for sure though, I'm not buying any more Microsoft operating systems. I'll keep Windows 7 around in some form, even if it ends up as a virtual machine under Linux where I can control its network access, until I can come up with a good replacement for Outlook as an Exchange client, but I'm not going to get anything new.

Microsoft no longer has it's retail customers best interests in mind. Instead, it sees them as a source of personal data to mine and a source of ad revenue, nothing more.

The amount of stupid people in this discussion...

...is too damn high.

Can we stop the paranoia?

[matushorvath]

Do you realize how much testing must go in to checking that all possible combinations of patches work correctly together? This is clearly just cutting the costs of supporting older systems. Now there are no combinations, since each patch gets Windows to the same state, so they only have to test one thing a month. This also means they can test it properly, so you have lower probability that installing a patch breaks your system, which means lower support costs as well.

This is consistent with their effort to move everyone to the latest Windows version, so they don't have to support Windows 7 for 15 years like they had to with Windows XP. They have clearly checked their accounting and found how much money is being spent because of the complicated way they support old versions, and now they are decreasing those costs.

Also, this is the exact same way most other companies release updates. You don't see Adobe giving you the option of selecting which individual DLLs you want to patch in Photoshop. Microsoft is just moving towards the same patching plan other companies already use.

Sometimes I wonder if any Slashdot readers work in actual software companies. Because if you have real world experience with software development, you understand why this is done.

(I am not assiciated with Microsoft in any way)

Re:Can't have customers removing spy^H^Hecurity pa

[daid303]

I think you missed my point. I did that, and all the other hoops you need to go trough when updates fail. It's the frequency and the amount of different hoops I had to jump trough that caused me to say "screw this".

Re:They are also releasing a Monthly Security Roll

I have one Windows computer that is controlling my 3D printer. Lucky enough the drivers and Simplify3D work perfect under Linux. So - that's one down.
My second Windows computer is running music software (Cubase, Omnisphere 2 etc.), that also can be run on OSX. So - setting aside some money monthly until I can afford a suitable MAC. That'' s the second one.

That only lefts me with my main system that is already in dual-boot with Linux. It's only dual boot because I want to runs some games that are (not yet) ported to Steam-Linux. The Windows in dual boot has no access to my main (Ext4) hard drives and my data. I don't use it for mail or anything important, so they can "telemetry" the hell out of it, but they won't get anything beyond (some of) the games I play.

Once the transition is complete (what won't take that much time), I will be able to relax again. Microsoft can put his policy's in a place where the sun has no access.

TANSTAAFL (Was Re:Just another old loser)

The man who coined that acronym also wrote stories in which the hero typically was on a quest to find a new planet or other venue, or some new subversive or revolutionary paradigm to evade the grasp of the exchange brokers, beancounters, bureaucrats, and the marketers (collectively, the Borg) and the Usurians pulling the strings behind the scenes. Furthermore, the lost time and productivity to keep these parasites in control and selling your eyeballs costs us, individually and collectively, much more than several hundred per year per seat, I'd wager.

There may be no such thing as a free lunch, but you can avoid the worst of the hidden costs by using systems and software freely and collaboratively developed.

I shouldn't have to point this out on /.

Re:Fuck you, Micro$hit

I really wonder if this would go well with major corporations since they usually pick only individual updates and exclude some that may cause interference with other systems.

People keep bringing up corporations with this concern.

I think it's rather obvious at this point what Microsoft's end goal is, so they have penned a formal response to "corporations" who have to be e-blackmailed into upgrading to Windows 10, which IS the ultimate (borg) goal; "Fuck you very much and have a Nice Day."

Re: Can't have customers removing spy^H^Hecurity p

[Kevster]

The most annoying thing to me is that it *doesn't* sit at 100% for hours. I have a 6-core CPU, and it sits at 16% for hours because the update process, whatever it is doing, is doing it as a single thread. Obviously it can't take advantage of multiple cores.

Keep in mind old Hotfixes will go away - image now

[sasparillascott]

Not noted in the Slashdot entry is that after the October takeover of PC ownership via Windows Update is that Microsoft is going to backport the hotfixes into the mass monthly updates (and presumably remove those hotfixes from availability afterwards).

The consequence of this is that soon you will not be able to do a fresh install of 7 or 8.x and install only the hotfixes you want to get them up to (pre Oct 2016) as the old hot-fixes are going away too. If you're stuck using Windows better get your all your systems that you want to use imaged with all versions of pre Win 10 and updated (with the bad data monitoring hotfixes kept out) prior to the October updated. Windows 7 security updates were to go through 2020 and 8.1 through 2023.

It also appears there might be a method going forward for the true nutwads (like myself - I want the gaming - Linux partitions now though) and that will be to turn off Windows Update and use the Windows Update catalog site (a horrible MS site - at this point its a screen with a search window in it) to get security only updates...no details on how that will work, other than its mentioned in Microsoft's official announcement. For the general public though, Microsoft takes over control of their computers and will install user monitoring in the next months if they use Windows Update.

Remember old hotfixes will go away over time

[sasparillascott]

If you read the announcement you'll see that the old hotfixes (including the user data monitoring ones, if they aren't in the October push already) will get backported, over time, into the massive monthly update. The obvious consequence of this is that those old hotfixes will go away as they are backported and no longer be available to users.

I wouldn't count on those hotfixes being around, better create reference Win 7 / 8 images with updates prior to the October takeover for all your machines, turn off WU and back them up. As we've seen Microsoft's condensed Windows 7 up to date patch includes the user data monitoring updates, no reason to expect they'll stop that after they make everyone's PC's their 8itches next month.

That won't be available via Windows Update

[sasparillascott]

This avenue won't be available via Windows Update & us a PR cover - most folks won't be able to do it. You have to go to a Microsoft website that consists of an empty page and a search bar and enter the security only patch you want to download. I'll do this, but most users would never what to put in to start with.

Incorrect, other PC OS's aren't like this

[sasparillascott]

While Microsoft's PR group would agree with what you said, if you look at most other PC OS's it doesn't work this way. Over on Apple in Mac OS X, they separate their security updates out from their other patches (and they don't have back ported data monitoring patches from Windows 10 in there). Over in OS X there isn't data monitoring to begin with. And the stuff that goes up to the cloud can be turned off with 2 checkboxes. Over in Linux you can do whatever you want.

The other side of this is that Microsoft will still have to test each fix individually prior to them going into a monthly lump - this is why they got rid of the service pack because of the double testing - in the end there will be little reduction in testing costs.

This is all about turning personal PC's into Microsoft's data monitoring tool which is worth alot of money to Microsoft for each personal PC every year - giving them control over your PC's data like an Android smartphone. As someone else noted the user data monitoring in Windows 10 and backported to Windows 7 & 8 in prior hotfixes (which could be avoided) is worth alot of money every year and after the October takeover Microsoft is gradually going to roll in the old hotfixes into the monthly updates over time and eliminate them. Microsoft's recent history requires no paranoia at all - they actively choose this for their customers:

http://www.theregister.co.uk/2...
https://www.theguardian.com/wo...

Nope, they will have only one

"Windows 7 and Windows 8 users will now only have two choices"
One choice, two options...

Re:Just another old loser

TANSTAAFL -- What a bullshit saying. You must be a Capricorn.

Re:Fuck you, Micro$hit

That's who this is targeted at.

Major corporations are ignoring critical security updates, and getting machines turned into zombies because of it. This is going to put a stop to that shit.

Sue Microsoft

Somebody sue these bastards already.

Windows 7 users had to pay for their operating system.

And one day...

[treczoks]

One day, this "cumulative update" will leave the PC as a win10 machine.

Glad to be on XP

[Sir+Holo]

Well, that news is a bit of satisfaction to me.

For I still run Windows XP.

Re:Glad to be on XP

I'm wondering if they're going to kill of XP updates on Windows Update. The past updates that I think are still there if you need to reinstall.

https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/

The Microsoft Update Catalog website is being updated to remove the ActiveX requirement so it can work with any browser. Currently, Microsoft Update Catalog still requires that you use Internet Explorer. We are working to remove the ActiveX control requirement, and expect to launch the updated site soon.

Re:Keep in mind old Hotfixes will go away - image

[Kvasio]

just use "wsus offline client" and make yourself an archive of KB's and installation script.

Its so sad that it come to this

I am so sad to see it come to such a painful end. I actually bought Windows 1.0, which was not very impressive, in my youth and have had a machine running a Windows version ever since. I did managed to skip the most disastrous versions (ME, Vista, Bob and friends) and as a result had a pretty good run. By Windows 7 it had finally become a stable workhorse OS that, for a time, served me well as its owner and master.

With Windows 8.x and then 10 it became evident that Windows as an OS no longer served me as its (paid and rightful) owner but instead answered to an increasingly malevolent master who was working against my will and interests. Its aim was nothing other than to harvest and sell me, my identity, my movements, my thoughts, my keystrokes, as a product like any other meat based commodity. I knew I could not in good conscious willingly give myself over to such abuses. I concluded that Windows 7 would be my last Windows and in my personal view was THE last Windows as I knew the product all these years, with the things that came after no longer sharing a common purpose with those that came before.

The only more nefarious and abusive thing they could possibly do was to take the Windows 7 the I own now away from me. The tried heartily to wear me down with deceptive pop-ups and then with malicious corrupting patches but, through great effort, I diligently thwarted them all. Now it seems the end has come, my paid copy of Windows 7 Professional will be corrupted by force or left to wither and be ravaged by wild dogs and the NSA in what I personally view to be a heinous crime against all humanity.

As a long term Microsoft customer, the sentiment I now associate most with the company is betrayal.

WSUS Offline Update or Autopatcher? Which best?

[Futurepower(R)]

Good idea! Autopatcher saves Windows updates, also.

Uhh, error in the summary

Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept everything single thing Microsoft sends you whether you want it or not and leave your computers vulnerable to new security holes.

There, fixed that for you...

Re:Just another old loser

[lucien86]

God I wish I could give it up. Every month it seems Microsoft/Windows are becoming more and more like a disease. I'm stuck with too much software that simply doesn't run on anything else.. A huge amount of money to throw away .. a choice between Linux and OSX in the near future maybe.. Used Linus years ago at uni - gritting my teeth already. :)

Faulty updates????

So, what about these updates that MS releases that cause bugs and BS? I've had updates applied to a server that cause the whole network to basically go non-functional. That was just a single update, too! This is just crap news.

Thanks, MS. BTW, looks like all of the Windows 7 people who didn't want to make the switch are in basically the same boat, now. You all had to know you weren't safe from this type of tyranny. Hence why the rest of us said, "Fine. We'll get the free upgrade and not have to pay $200 later to stay in support for longer."

Not that I didn't like Windows 7...Just saying. We are all in the same Microsoft boat, Windows 7 or not.

Re:Just another old loser

[Ann+O'Nymous-Coward]

Astrology -- what a bullshit myth. You must be gullible.

Incentive

[ET+Admin]

Any large publicly traded corporation has HUGE incentive to get it right, and keep your PC and data safe from malicious actors. With media markets driven by clicks, and an army of lawyers itching to use the words, "class action". I understand and agree with the FOSS communities, and am grateful they are there, but I am also pleased with the MS platforms I manage single-handedly with over 400 users. MS is the least of my problems.