Microsoft 'Stealth Update' Proving Problematic
DaMan writes "According to the site WindowsSecrets, the stealth Update that Microsoft released back in August isn't quite as harmless as the company claims. The site's research has shown that when users try to do a repair to XP subsequent to the update, bad things happen. 'After using the repair option from an XP CD-ROM, Windows Update now downloads and installs the new 7.0.600.381 executable files. Some WU executables aren't registered with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft's 80 latest patches from installing -- even if the patches successfully downloaded to the PC.' ZDNet's Hardware 2.0 has independently confirmed that this update adversely affects repaired XP installations: 'This issue highlights why it is vitally important that Microsoft doesn't release undocumented updates on the sly. Even the best tested update can have unpleasant side-effects, but if patches are documented properly and released in such a way that users (especially IT professionals) know they exist, it offers a necessary starting point for troubleshooting.'"
Let me be the first to say... (Score:5, Funny)
Re:Let me be the first to say... (Score:5, Funny)
The real problem is ... (Score:5, Interesting)
Whereas documented updates are magically OK?
OK, OK, that's not really what you meant, and it's not your point
=====
If you ask me, the real problem is updates. Let's say that one update in 50 is significantly defective -- which is, IMHO, quite optimistic. Let us further guess that 50% of the defective updates introduce new unexpected problems rather than failing to (fully) fix the existing problem -- they do test these things. At least I hope they do. What is likely to get past testing is errors in areas that no one thought would be affected. Let's assume that there are 10 updates a week on average, and that the average time from first report to fix is four weeks.
If you just uncritically load updates, you'll download new grief every 10 weeks or so and take four weeks to get it fixed. That means that five times a year, you'll unwittingly install a significant new problem and that about 40% of the time you'll be living with one or more of these things.
IMO, the best strategy -- at least for larger operations -- is to evaluate each and every patch, and to load only those which seem absolutely necessary. Even that is not going to work all the time.
As for updates that you aren't asked about... A truly bad idea. Hopefully Microsoft and other operations that believe in automatic updates will learn their lesson from this relatively modest (we hope) fiasco and will never ever do THAT again. Memo to organizations that do that. If your QA -- who are overworked, underpaid, and probably need a vacation -- screws up at the wrong time and you put an important business sector offline for days or weeks, you are looking at a major league class action suit. Don't expect the shrinkwrap EULA to protect you.
Re: (Score:2)
Re:The real problem is ... (Score:5, Insightful)
I have no idea what is "protecting" these software vendors other than the halo that we are dealing with software and everyone expects things to go very bad once in a while in the field, but the threat of lawsuits at this point is laughable.
Note: I am merely reporting on the actual state of things, this does not mean I agree with it.
enterprise ready operating system (Score:5, Insightful)
You have zeroed in on the heart of this problem with laser like precision. I couldn't agree more.
If you run a business on an OS you need to know the details of upgrades. You need to test all upgrades against your production machines before applying the upgrade.
I am not talking about a home desktop, or even a corporate desktop system here. Think about computers used to control water or fuel delivery. Maybe a system that reconciles ATM transactions at a bank, or adjusts inventory databases from sales at retail locations, or the automated system that routes calls to a city's 911 emergency center.
Businesses and Governments depend on many customized pieces of software day in and day out. All software changes must be tested and shown to have no ill effects before they are applied to enterprise production systems.
Any OS that does not allow the user to control the application of patches and updates, and instead updates systems by stealth, is not ready for the enterprise.
Think about the problems that could result if people use an OS like Windows in mission critical applications that involve lives [slashdot.org].
Even if lives are not involved businesses cannot tolerate amateur stunts like stealth patches from an OS vendor. They could lose billions of dollars trying to find out the cause of a problem.
This highlights how out of touch Microsoft is with the needs of enterprise level customers.
Re:enterprise ready operating system (Score:5, Funny)
Just let us patch the systems (Score:5, Insightful)
Re: (Score:3, Insightful)
To me it seems that a large majority of issues with Windows can be solved in 3 ways:
1. Don't use the OS "add-ons" (i.e. Outlook, MSN Messenger, etc.)
2. Use a properly configured firewall
3. Don't be an idiot.
I have no problem following these 3.
Following your train of thought (Score:4, Interesting)
Re: (Score:2)
Re:Following your train of thought (Score:5, Funny)
Are you saying they aren't?
Re: (Score:3, Insightful)
Re: (Score:2)
Microflaccid strikes again (Score:5, Funny)
Subconscious or stealth push to Vista? (Score:3, Interesting)
Re:Subconscious or stealth push to Vista? (Score:5, Funny)
Re:Subconscious or stealth push to Vista? (Score:5, Insightful)
Re:Subconscious or stealth push to Vista? (Score:4, Funny)
Re: (Score:2)
There, fixed that for you.
Re: (Score:2)
95 to 98 compared to XP to Vista (Score:5, Insightful)
The problem with MicroSoft (Score:5, Interesting)
Microsoft doesn't allow me this, and continues to fail to predict the negative consequences resulting from these choices. Apple at least gives me the option of installing an update, even though they have a bad record on the full disclosure thing too.
Re: (Score:2, Insightful)
You know what's installed, eh? So you go through and check the source of all code that is being installed on your Linux box? I understand the idea that because it is open source, there must be no problems with what you are installing, but don't make the false assumption of this, because as Linux becomes more and more popular the chance of something getting on your system that you were unaware of will most likely grow. Everything might not always be so hunky-dory.
Re:The problem with MicroSoft (Score:5, Insightful)
Re: (Score:2)
which is why Microsoft
predictably and consequentially continues to fail
WTF (Score:5, Insightful)
Re: Broken Process (Score:5, Funny)
The lather-repeat caused a buffer overflow.
Why did no antivirus s/w pick this up? (Score:5, Interesting)
How do these antivirus programs know for sure that these updates were 'harmless' and 'normal behaviour'.
In light of this revelation, I think corporates must now take action against these antivirus firms for not preventing this breach. Let's see what Microsoft has to say to this 'harmless' update that allows users to 'know and be informed of further updates'. A Media Defender style expose' of internal communications on this issue would be very interesting indeed.
Re: (Score:2, Insightful)
A dozen system files have been updated as part of this undocumented stealth update... and yet not a single antivirus software reported this. Why?
How do these antivirus programs know for sure that these updates were 'harmless' and 'normal behaviour'.
In light of this revelation, I think corporates must now take action against these antivirus firms for not preventing this breach. Let's see what Microsoft has to say to this 'harmless' update that allows users to 'know and be informed of further updates'. A Media Defender style expose' of internal communications on this issue would be very interesting indeed.
Updates are run under the system user process. If you had ever been a Windows admin, you'd know that there are all sorts of ways to hide updates and the like from users...which means that there's something in the process that MS can enable to hide it from their users. The reason no AV caught it is because it was using an update service already approved by the AV program and was running it under the already accepted system user.
I'm not saying that I approve of their actions, I don't. But just becau
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re:Why did no antivirus s/w pick this up? (Score:4, Interesting)
So, does an antivirus program run as a normal user process or system user process? If it is the latter, then how is it that the stealth update managed to escape attention??
And if antivirus s/w firms do not know systems programming, why do they exist at all? Looks like most anti-virus programs have been configured / patched NOT TO REPORT this particular stealth update... I cannot see any other logical explanation for this lapse.
Re:Why did no antivirus s/w pick this up? (Score:5, Informative)
And if antivirus s/w firms do not know systems programming, why do they exist at all? Looks like most anti-virus programs have been configured / patched NOT TO REPORT this particular stealth update... I cannot see any other logical explanation for this lapse
Like I mentioned, it seems that you have not ever been a Windows admin, nor have ever dealt with a large roll-out of a system patch.
Whether or not the AV program runs under a user process (highly unlikely) or a system process, it doesn't matter. You're ignoring what AV programs are looking for anyway. If a trusted process and service (Windows Update) is run by a trusted user (SYSTEM), the chances that the AV program is even going to log such activity are doubtful. As far as the AV program is concerned, the service (Windows Update) is doing its job...which in a way, it is. Windows Update has the control to change system files. No big secret there.
You seem to think that every time a system file gets updated by whatever process, that should be flagged and prevented. It's not some rogue program that is being run to update the files, it's the WU service that's on every single XP (and other MS OS's) machine out there.
Like I said, I'm not defending MS on this...no one I bitch about more. But to say that the AV companies have culpability on this, that's off the mark. A trusted Windows service did what it was built to do. Nothing to see here. Move along.
Re: (Score:2)
I think you have it backwards. The job of Windows Update is (supposedly) to patch the system in order to keep it in a secure, useful state. Which is precisely the definition of an antivirus software too. If Windows Update can reliably patch the OS and keep it secure, there would be no market for any antivirus software.
Theref
Re: (Score:3, Insightful)
Re: (Score:2)
Unfortunately, following your advice is impossible. The official WU program that is shipped with a Genuine Copy of Windows XP and Vista has been proved to be a Rogue Program by this episode. The only reliable protection appears to be, to disable Windows Update completely, and depend on the antivirus program to do a better job of protecting and securing the system.
Just try to go with me on this and pretend you're a system admin of abo
Re: (Score:2)
The reason AV software doesn't pick this crap up is that the current crop of AV software uses a BLACKLIST based model and not WHITELIST based model. Since AV software is blacklist based, there IS NO "trusted" anything. Once they move to a whitelist model, THEN we can start talking about what is "trusted" and what is not.
Re: (Score:2, Interesting)
However, turning that around, Windows Update isn't on the blacklist. Why should it be logged as changing the files? Even AV programs that do heuristic scanning aren't really going to notice WU doing its job.
Reasonable expectation (Score:2)
Actually yes, coming from a UNIX standpoint this is exactly what programs like Tripwire do.
If I have AV software I would love to have it notify me system files had been altered, whatever the cause - perhaps not prevent but at least issue a warning at some point.
Since viruses can potentially modify trusted executables there's no reason to trust any program running as any user more than anythi
Re: (Score:2)
Besides that, no AV can detect a process started by the undocumented MSOnlyStar
Re: (Score:2)
Re:Why did no antivirus s/w pick this up? (Score:4, Informative)
2) For the few behavioral antivirus software, my guess is that they're monitoring activity under some user accounts, and that they're not able to monitor activity of the "System" accounts and other special accounts.
Re: (Score:2)
Every antivirus software I have seen, has this feature that prompts you when any 'write' or 'update' happens in the system folders. Try copying a dll file and the antivirus s/w throws up a window, asking for confirmation... in many cases, it is rejected outright. The logic is that any update to the system files can only
Re:Why did no antivirus s/w pick this up? (Score:5, Insightful)
If a virus or trojan has that access already, you're screwed anyway. Might as well wipe the box and start over. However, to get that access, they usually need an exploit or to run an executable to grant them that access.
I don't think you have a very good understanding of what a virus program is expected to do. If a system account isn't allowed the power to update system files, then why have it in the first place?
Re: (Score:2)
If a virus or trojan has that access already, you're screwed anyway. Might as well wipe the box and start over.
True, but if the write is not detected and reported to the user, the user can't know that it's time to wipe & reinstall. In my opinion, anti-malware software should be expected to do that detection and reporting -- although I agree that "anti-virus" software is too narrow a genre for the sake of this discussion.
Still, I think the original question still stands. In the UNIX world, for
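Added example, not part of the thread or of any poster's comment: the Tripwire-style approach raised in the comments above (record a baseline of the files, then report every difference regardless of which account or service made the write), in Python. The directory and file contents are constructed stand-ins; only the file names are taken from the regsvr32 list elsewhere on this page.

```python
import hashlib
import os
import tempfile

# File names come from the regsvr32 list on this page; the bytes written in
# demo() are constructed stand-ins, not real Windows Update binaries.
WU_FILES = ["wuapi.dll", "wuaueng.dll", "wuaueng1.dll", "wucltui.dll",
            "wups.dll", "wups2.dll", "wuweb.dll"]


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large binaries are never fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map each file under root (relative, case-normalised path) to its SHA-256."""
    hashes = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            hashes[os.path.normcase(os.path.relpath(full, root))] = sha256_file(full)
    return hashes


def compare(baseline, current):
    """Diff two snapshots. Which account or service wrote the files is never
    consulted, so a write by a trusted updater is reported like any other."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in set(baseline) & set(current)
                          if baseline[p] != current[p]),
    }


def write(root, name, payload):
    """Create or overwrite one file in the constructed directory."""
    with open(os.path.join(root, name), "wb") as handle:
        handle.write(payload)


def demo():
    """Baseline a constructed directory, simulate an unannounced update, re-check."""
    with tempfile.TemporaryDirectory() as root:
        for name in WU_FILES[:5]:
            write(root, name, b"old build of " + name.encode())
        # In real use the baseline is stored off the monitored machine:
        # anything able to replace system files could rewrite it too.
        baseline = snapshot(root)

        write(root, "wuapi.dll", b"new build of wuapi.dll")      # replaced
        write(root, "wuaueng.dll", b"new build of wuaueng.dll")  # replaced
        write(root, "wucltui.dll", b"old build of wucltui.dll")  # rewritten, same bytes
        write(root, "wups2.dll", b"new build of wups2.dll")      # newly dropped
        os.remove(os.path.join(root, "wups.dll"))                # deleted

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {', '.join(paths) or '-'}")
```

The file rewritten with identical bytes is not reported, because the comparison is on content hashes rather than timestamps.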
AVG usually does (Score:2)
Re: (Score:2)
Have to get away from the "patch" concept (Score:5, Interesting)
Everything depends on everything else. After a few years of updates and software installation, whether on Windows or Mac OS X (no, I can't speak to Linux so if Linux solves all these problems I plead ignorance), almost every system is in a slightly broken state, and you just hope it isn't intolerably broken. Talk to any average mom 'n dad and they'll say "Things that used to work fine on our computer aren't working any more, I guess it's just time to buy a new computer."
Some new way of building operating systems is needed that reduces the interdependence of its components.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Interesting)
The down side is that many packages aren't created properly, which results in rpm he
Re:Have to get away from the "patch" concept (Score:4, Interesting)
Re: (Score:3, Interesting)
because of the installation and "maintenance" hassles they create.
One big savings of shared libraries is that if a vulnerability is fixed in libpng, you don't have to update 25 apps. And the authors of those apps don't have to repackage their app. And old projects that aren't in active development can still take advantage of the security fixes. Same with performance i
Re: (Score:2)
I can see why you would think that, but I'm not sure that it is true. It is true that the user interface level in graphical software is an intricate structure whose interactions are complex and difficult to follow. It might be just barely possible to untangle Windows 95 and see how the parts fit together. I spent a couple of years trying and I think I was making progress. Windows 98, NT, and (from what I can see Apple software) are simply beyond my comprehen
Only repaired? (Score:2)
Would the same issue not happen if you just installed from the CD from scratch? What prevents it from installing out of order when you do it that way?
Seems pretty serious either way, and it has me wishing I'd turned off the automatic update service on my only Windows PC. It's too late now, but you can bet it won't get internet access until after that's disabled when I format that mach
I've run into this and the fix isn't hard. (Score:4, Informative)
At the command prompt, type the following commands, press ENTER after each command, and then click OK every time that you receive a verification message:
regsvr32 wuapi.dll
regsvr32 wuaueng1.dll
regsvr32 wuaueng.dll
regsvr32 wucltui.dll
regsvr32 wups2.dll
regsvr32 wups.dll
regsvr32 wuweb.dll
Once that is done, you'll be able to use Microsoft Update again.
Re: (Score:3, Funny)
Re: (Score:2)
Yeah, I could do that. That would ruin the joke though (as lame as it was). I would have better success if I integrated it into a new cursor or toolbar.
Re:I've run into this and the fix isn't hard. (Score:5, Funny)
- oft-heard criticism of Linux
Re:I've run into this and the fix isn't hard. (Score:5, Funny)
from here: http://bash.org/?464385 [bash.org]
Re: (Score:2)
Yeah, but this isn't a "little problem" so your criticism doesn't apply. HAH! See? One point for Microsoft! oh, wait...
Re:I've run into this and the fix isn't hard. (Score:4, Interesting)
Yeah... At least with Linux you know you're probably going to be messing around at the command prompt. I don't know how many times I've had a Windows machine do something odd, gone looking through the GUI for the magic checkbox that will fix things, only to eventually discover (through technical support or a KB article) that there's a command-line fix that isn't documented anywhere.
Frankly... These days I'm using the command prompt on my Windows machine just as often as I do on my Linux machine.
Re: (Score:3, Funny)
Re: (Score:3, Informative)
Go to http://windizupdate.com/ [windizupdate.com] with a supported (non-IE) browser.
Once that is done, you'll never have to use Microsoft Update again.
That's something you can tell your grandmother over the phone.
I got bitten by this (Score:5, Interesting)
Now I find out it's because of a broken secret mandatory update to the DRM that breaks windows update altogether. Nice one Microsoft!
I had another bug after that windows update, http://support.microsoft.com/kb/883821 [microsoft.com]
That took a lot longer to fix, as none of those listed fixed it. Perhaps that was also related? Lovely.
Microsoft XP updates....same old story. (Score:4, Interesting)
But earlier this year I had to allow a client's machine to use an XP service patch or have to tell the user that the machine would be out of warranty both from the OEM and Microsoft.
The patch (SP2) froze the computer completely after an aborted install that the screen recorded as having been successfully uninstalled. It took nearly 20 hours of non-stop attempts plus two service calls to avoid having to wipe the disk -- which was not an option -- and afterwards the "Genuine Advantage" program still wants more updates.
Not surprisingly, I won't be recommending Microsoft on their next desktops. Ubuntu will be fine.
Re: (Score:2)
You need to go a little further back than that. MS had planned to pull the plug for years - Windows ME was never meant to happen, and Windows '98 lasted rather longer than originally planned.
Re: (Score:2)
Not to mention the reduced cost of supporting only one code base.
I have to agree with you. Too bad that the "better" security in NT turned out to be a fantasy.
The only major bad update I can recall in Windows 98 Windows Update was an Intel originated patch that broke IDE disk access on many machines. Fortunately, automatic update wasn't all that wi
My experience (Score:4, Interesting)
I thought this was because of Skype, Windows Media Player, VLC Player or Real Player. I installed new versions of all of these apps but this did not help. I struggled with this problem and found little help, even from Microsoft itself. The good thing is that Windows XP has a [neat] feature that rolls the system back to its previous configuration. This is what I used and had this problem solved.
But I then wondered whether we in the Linux world have anything comparable to the feature that helped me roll back my settings in Windows XP Professional. I haven't found one! Have I looked hard enough or am I looking in the wrong places?
Re: (Score:3, Informative)
I can't speak to the internal reasons behind Windows' decision to include that feature (though I have a couple good guesses), but based on the number of people I know who think a backup is when the white lights come on at the back of the car, it's a much needed feature. This is what backups are for, people. No matter what OS. A proper backup scenario would allow recovery from any problem like this. In the Linux world, due to plaintext config files and the modular nature of the syste
Are They Serious? (Score:4, Insightful)
In other words, if Microsoft had not updated Windows Update automatically, and a user had chosen to be notified of future updates, these notifications would not work. The only way to ensure that the user's settings were properly respected was to update Windows Update.
So now this article says that the silent update wasn't harmless because Windows Update was broken after they did a restore. Do they realize that without this update, Windows Update *definitely* wouldn't work, and that the fact that this update may have a bug in it regarding restoration is completely beside the point?
Should Microsoft have made it more clear that they were doing an update? Yes. Is this update proof of Microsoft's desire to ignore user preferences and do whatever the hell they want? Obviously not.
Re: (Score:3, Interesting)
Re: (Score:2)
Re:Are They Serious? Nope. (Score:3, Insightful)
What a long winded way to say the Windows update is such a horrible mess it isn't funny.
Me, I like rolled up file based updates. Download it and save it off. When the beta testers say it is OK, I apply. I have learned with over 20 OSes behind me that you patch to point in time from proven groups of patches. This idea of "auto" update is so fundamentally flawed...
Leave Microsoft alone. (Score:5, Funny)
Its stock price has stagnated. Google made Steve Ballmer mad. He threw two fucking chairs.
Ray Ozzie turned out to be a blogger, and now he's posting a bunch of comments. All you people care about is readers and making money off of them.
It's a corporation! What you don't realize is that Microsoft is making you all this money and all you do is write a bunch of crap about it.
It hasn't made a good OS in years. Its spreadsheet is called "excel" for a reason because all you people want is EXCELLENCE! EXCELLENCE! EXCELLENCE!
LEAVE IT ALONE! You are lucky it even makes products for you bastards! LEAVE MICROSOFT ALONE!
Please!
CmdrTaco talked about professionalism and said if Steve Ballmer was a professional he would've monkey danced no matter what.
Speaking of professionalism, when is it professional to publicly bash a company who is going through a hard time?
Leave Microsoft alone, please.
LEAVE MICROSOFT ALONE RIGHT NOW. I MEAN IT.
Anyone that has a problem with it you deal with me, because it is not well right now.
LEAVE IT ALONE!
Re: (Score:2)
No one saw this coming... (Score:2, Interesting)
Re: (Score:3, Insightful)
I'm not saying peopl
That explains the trouble I had! (Score:2, Informative)
"This, in turn, prevents Microsoft's 80 latest patches from installing -- even if the patches successfully downloaded to the PC."
That's the trouble I had recently! A few weeks ago, a friend asked me to clean up three of her family computers that were crawling with spyware/adware, and trojans, as well as upgrade them from WinXP Home to WinXP Pro. I got them cleaned up fine, and did the upgrade. After booting to the desktop the first time, I ran Windows Update to grab the latest patches. On all three m
They already have a solution to this. (Score:4, Insightful)
Who says this is an -unintended- side effect?
complex systems==problems (Score:2)
And that (IMHO) is MS-Mindows main problem. It's too complex, and this is why there are so many issues with it.
End of story.
Re: (Score:2)
I mean sure, Linux systems are more built around the concept of "let each task do one small job and do it well", but without a fair bit of knowledge and experience, it's quite possible to screw a system so hard that you can't easily repair it. Particularly once you start getting into the minefield of "install this proprietary app which doesn't come with source, install that binary driver which comes as a kernel module, install the other program from an RPM intended fo
This will spur the Vista sales (Score:3, Insightful)
two words (Score:2)
Yeah, I think this opens the door to a class action lawsuit, because someone could argue that they accessed their computer, without their permission, thus violating the computer abuse and fraud act.
Damn Microsoft. (Score:2)
Re: (Score:2)
"Windows installation wants to install the following file: NTOSKRNL. Cancel or allow?"
"Windows installation wants to install the following file: rundll32.exe. Cancel or allow?"
"Windows installation wants to install the following file: cmd.exe. Cancel or allow?"
"Windows installation wants to install the following file: notepad.exe. Cancel or allow?"
"Windows installation wants to install the following file: mspaint.exe. Can
I am even happier now (Score:2)
Not that I really had any doubts to begin with.
Euthanasia (Score:2)
It is a drag on our society, on our culture, on our economy, not to mention the rest of the world's.
I wish something could be done about them, but we just have to wait for them to blow all their own limbs off and bleed to death I guess.
What about WSUS? (Score:2)
http://technet.microsoft.com/en-us/wsus/default.aspx [microsoft.com]
Did the stealth updates install on PCs that don't have WGA installed, and don't update from the Windows web site? If not, what effect will that have?
Re: (Score:2)
This is why we need XP SP3 or an update roll up.... (Score:2)
80+ updates for a new xp sp2 install is a lot.
Re: (Score:2)
Re: windows and linux problems (Score:3, Informative)
I've set it to default to Windows, because windows boots over and over, sometimes for hours, before it finally relents and comes to life. I've suspected a BIOS setting it doesn't like, or that Windows wants its own FAT instead of LILO, but could it be that Windows is trying to phone home, even though my internet access has been shut off for a couple of months? Even though it's a fresh install and the PC hasn't been connected to the internet since before the install?
Sounds like a hardware problem, to be honest. Like a bad bit or two in low memory, for example... do you have memory testing turned on in your BIOS? If it's set to "fast boot" it will skip nearly all useful testing, fast boot is just a way to generate money for PC repair shops. :)
And do they have any idea what a pain in the ass it is to "register" that God damned OS without internet access?
Don't remember if I've tried it with Windows, but for most windows programs that nag for registration you just tell it you'll register by snail mail, when it asks for a printer tell it to print the registration page to a file,
Re: (Score:2)
they do update their product without asking or telling you => microsoft == evil.
Re: (Score:2)
You're right to some extent. This being Slashdot, Microsoft would be blamed for something even if they brokered a lasting peace between Israel and the Palestinians, cured cancer, or brought global worming to a screeching halt.
But in this specific case, what they did was quietly load updates onto computers
Re: (Score:2)
slashdot'ers need an "Evil empire" in the same way as US needed the Soviet "Evil empire" to keep population in control thru fear (same thing they are doing now with terrorism)
Re: (Score:2)
Groupthink is quite amusing when you think about it. I just love seeing the vehement rants against a software company. So much wasted passion for a mostly inept, overly corporate software company. You'd think they were out killing babies or clubbing baby seals. Twitter is the most extreme example of this, and one of those people who I don't believe really exists.
Re: (Score:2)
Notify about update - allow user to approve or deny -> not evil
If MS would have pushed this update out in the normal way, this whole issue wouldn't have come up.