Microsoft Releases Replacement Patch With Two Known Bugs 140
snydeq writes Microsoft has re-released its botched MS14-045/KB 2982791 'Blue Screen 0x50' patch, only to introduce more problems, InfoWorld's Woody Leonhard reports. "Even by Microsoft standards, this month's botched Black Tuesday Windows 7/8/8.1 MS14-045 patch hit a new low. The original patch (KB 2982791) is now officially 'expired' and a completely different patch (KB 2993651) offered in its stead; there are barely documented revelations of new problems with old patches; patches that have disappeared; a 'strong' recommendation to manually uninstall a patch that went out via Automatic Update for several days; and an infuriating official explanation that raises serious doubts about Microsoft's ability to support Windows 9's expected rapid update pace."
Oh microsoft (Score:5, Insightful)
And people still come up to me and say they can't use free software cause they need enterprise-grade quality
Re: (Score:1, Insightful)
Re: (Score:1)
BSoD, boot failure... yeah very minor compared to GUI imperfections... pinhead. And i wonder which linux desktop you're talking about or are you still in 2007? Linux Mint to say one is very sound, functional and elegant.
The whole distro arguement is retarded. (Score:1)
Learn a DE or Window manager you're comfortable with, learn the package manager for the distro of your choice, and learn the administration tools necessary to maintain your needed level of customization (for most people it's display settings, i8n, and network settings). Given those 5 needs fullfilled the distro itself usually doesn't matter, unless you happen to choose one that makes installing/updating your chosen packages difficult (Which honestly Microsoft is no better about since the XP->Vista transi
Re: (Score:3)
Re: (Score:1)
Posting AC for obvious reasons, but....
My main account was paid for by Microsoft, and they send me $400 a week to post pro-Microsoft stuff. I am paid directly by Waggener Egstrom.
Re: (Score:1)
Re: (Score:2)
Okay, we won't refer to it as misinformation. We will call it misleading information or not the whole truth information or rose tinted information instead.
Re: (Score:1)
Re: (Score:2, Informative)
The free software desktop's problems are a lack of polish. Microsoft's problems are outright neglect.
Re:Oh microsoft (Score:5, Informative)
Finally I realized they did get one thing from it: accountability. If you've never been there, it's hard to understand how corporations are shaped by SOX compliance, and general accounting problems. If a $2000 purchase disappears at a startup, it's a minor problem. But at a large company, accountants will be looking for weeks to find what happened to it.
Those are the kinds of issues large companies deal with, and removing the accountability of the decision making process (of figuring out what software to use) and giving it to Microsoft is a real service for them. This is the same reason people use RedHat, even though RedHat gives their software away for free. It is one of those things that makes no sense to you until you've worked in that kind of environment.
Re: (Score:2)
There is no accountability. With very few exceptions, software companies disclaim all responsibility or accountability.
Re: (Score:3)
There is no accountability.
That's not important. Really.
Re: (Score:2)
Oh, I know that. It depresses me.
Re: (Score:2)
Re: (Score:3)
Re:Oh microsoft (Score:4, Insightful)
What enterprise-grade quality?
Software from a billion dollar plus company, which required a PO large enough to justify firing the person who approved it, not just the one who implemented it.
If MS F's up, you can blame them as they yell at you to fix it. If your cobbled together, zero budget, but works 99% of the time solution fails, then it is 100% on you.
It is completely unfair, but that's the way it is. If the Oracle DB blows up in a patch, you can point to not having a 2nd instance to use as a test system. The finance guys can point to the lack of an extra $100k to spend on a test system and the CEO can blame Oracle/budget to the board.
If the same issue occurs on mysql, everyone points at you and you alone, since you could have just set up a second system for cheap - never mind that that would double the admin/patch/test time with no corresponding increase in headcount.
Pendants: This is done in serial, not parallel, otherwise you are not staging it properly to test it.
Re: (Score:1)
Actually, I tend to see IT departments making the argument that 'they need enterprise grade quality' when wanting to avoid Microsoft, these days. Such arguments _against_ open source software vanished years ago in my line of work, mostly when it became patently clear that job security for upper-mid level managerial mediocrities was not really achieved by being able to pay someone you can blame for IT failures. The more competent examples of upper management don't buy that argument any more. They actually wa
Never useful info given with patches (Score:5, Insightful)
What pisses me off as a consumer is that Microsoft patches never come with any kind of useful information.
"There are X patches available", and when you click a specific patch you get "This is a stability patch for Windows 8" or something generic like that.
How can a consumer make an informed decision to go ahead and install patches or not without hours of looking up KB numbers?
I'd like more info, so that unless a patch specifically fixes a security bug, I'd rather leave the rest of the patches uninstalled as long as my system runs ok.
Re: (Score:1)
Click on the update and you should see a 'More Information' link on the right. Click it and your browser should open to a MS knowledge base page that explains what the patch does.
Seems perfectly clear to me :) (Score:3, Interesting)
"To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2014-0318 [mitre.org]." ref [microsoft.com]
'win32k.sys
Re: (Score:1)
What pisses me off as a consumer is that Microsoft patches never come with any kind of useful information.
"There are X patches available", and when you click a specific patch you get "This is a stability patch for Windows 8" or something generic like that.
How can a consumer make an informed decision to go ahead and install patches or not without hours of looking up KB numbers?
I'd like more info, so that unless a patch specifically fixes a security bug, I'd rather leave the rest of the patches uninstalled as long as my system runs ok.
I completely agree, but that is a problem only shared by very few Windows users. A vast majority of users aren't going to care about anything more than "This is a stability patch for Windows 8". Most won't even care about that, they just install without reviewing.
Re:Never useful info given with patches (Score:4, Insightful)
I doubt it's much different in other platforms. Mac OS or Android or Linux. When there is an update, most people don't have the time to carefully go over what it's doing. Nor should they.
When the plumber comes to my house, as he did yesterday, all I care about is that the hot water is coming and the toilets flush. I don't crawl under the sink to see if he properly greased the pipes or whatever the hell it is plumbers do.
I have met people who work for Microsoft and Apple and they are neat and earnest and are by all appearances proper and trustworthy citizens. I've also met people who contribute to open source OSs. They look like the guy who stands on the on-ramp with a sign asking for change. A little bit dangerous with greasy hair and a a psychotic glimmer in the eyes.
I'm kidding of course, and just tweaking people who use Linux (like myself), but as Eclipse (played by Frank McRae) said to Sylvester Stallone upon his imprisonment in the classic American film Lock Up, "You gotta trust somebody. Let me hip you to the joint."
Re: (Score:1)
Apple pops up a notification (more annoying than Microsoft actually) that says "install these patches now or later?", and you have to click and open up before you can even see what you're clicking "now" or "later" for. Then it turns out it's just something stupid like itunes. So I ignore it. Then a few days later it repeats. Then a few days after that. And so on. It's basically the apple store window, even though I have zero software anywhere on or in the vicinity of the mac that even saw that store.
Re: Never useful info given with patches (Score:2)
Apple pops up a notification (more annoying than Microsoft actually) that says "install these patches now or later?", and you have to click and open up before you can even see what you're clicking "now" or "later" for. Then it turns out it's just something stupid like itunes. So I ignore it. Then a few days later it repeats. Then a few days after that. And so on. It's basically the apple store window, even though I have zero software anywhere on or in the vicinity of the mac that even saw that store. So yes, I am indeed crawling under that sink to see what shit the plumber left there. At least be glad microsoft isn't merging their updates and patches with their store.
While I must admit I liked the old Software Update system a bit better, overall I still find Microsoft's free-for-all pop ups during boot up to be far more annoying than the Growl-like notifications in OS X. For one thing, OS X NEVER says "I'm rebooting your system in x seconds" like Windows does, leaving you to scramble around to ask PERMISSION from your own computer to DELAY the Reboot.
BTW, Apple isn't "mixing their software updates with the App Store"; they are just using the same secure distribution
Re: (Score:2)
I turned off Microsoft's automatic updating and such, after the first mistake. I've rarely seen any popups. I don't know what setting I have that enables/disables them. I never see anything on boot except for the ongoing patches that started when I shut down.
Re: (Score:2)
The thing is that most of those stability patches are no such thing. They are for cards you don't have on your computer, for a product you don't use, and in some cases have nothing to do with stability but instead added new features.
Re:Never useful info given with patches (Score:5, Informative)
You beat me to it, this page is what we need:
https://technet.microsoft.com/... [microsoft.com]
But of course that info should be right there on the windows update window.
Re:Never useful info given with patches (Score:5, Insightful)
But of course that info should be right there on the windows update window.
It was there in WinXp.
Microsoft seems to think that dumbing down all their user interfaces = the future of computing.
How is this insightful? Are links difficult now? (Score:2, Insightful)
You are talking about the short summary in the windows update UI, but there is always a direct link to a Knowledge Base article with much more details.
Are Slashdot posters really unable to follow a direct hyperlink to the information you are after without spending hours on it?? WTF??
Don't know what you are talking about (Score:4, Insightful)
Perhaps you should give it 3 secs investigation before you shout off.
3 secs should be just enough to click the "more information" link.
Re:Don't know what you are talking about (Score:5, Insightful)
3 secs should be just enough to click the "more information" link.
Every time I have clicked a "more information" link, I have been taken to a completely useless webpage that contains no information about the KB in question.
Re: (Score:2, Insightful)
I just ran updates on my Win7 box because of this comment, and I can verify this: The more information link does NOT take you to a related KB article. In fact three of the links timed out, the rest went to pages with zero information about what the update did, and no further information can be found.
I can, however, Google the patch to find the exact KB article I need. There is no way to find that page from any line of clicking that starts from Windows Update though.
Re: (Score:3, Insightful)
Before you get too smug, please explain how clicking on "more information" would help explain the mystery of Windows Update Agent 7.6.7600.320 and all of the associated problems it causes? That's only one example of many over the last couple decades.
There has always been *lots* of holes in the Microsoft KB and explanations of patches. Saying just click on more information implies that Microsoft has documented everything and the OP is simply an idiot and/or lazy. In this case he isn't.
Re: (Score:2)
I'm pretty sure that unless he's suffering from the DTs, it won't take him 3 seconds to click a link.
Why are they hiding information? (Score:3)
3 secs should be just enough to click the "more information" link.
You apparently have never bothered to click the "more information" link. It is a pretty good approximation of useless unless you click several layers deep and shouldn't be necessary in the first place. A short description of what the patch actually is intended to do would not kill Microsoft. I shouldn't have to go hunting for that information if I want it. Yes I know how to find out what the patch is for but Microsoft has made it needlessly hard.
Put bluntly, I shouldn't have to click ANY links to see a
Re: (Score:3)
A short description of what the patch actually is intended to do would not kill Microsoft. I shouldn't have to go hunting for that information if I want it.
In addition, if you have set Windows Update to "download but not install", then it is possible that you don't have Internet access at the time you are thinking of applying the already-downloaded patch.
Re:Never useful info given with patches (Score:5, Insightful)
How can a consumer make an informed decision to go ahead and install patches or not without hours of looking up KB numbers?
Consumers don't make such decisions. If you want that level of control over your OS, don't use Windows. This isn't a knock against Windows or anything: it's just part of the closed-source model. You trust them. If they do a good job, then it saved you effort. If they do not, you get burned. That is the trade-off.
Re: (Score:2)
It has nothing to do with "closed source." Show me what info is available when you do an "apt get upgrade". :P
Re: (Score:2)
It has nothing to do with "closed source." Show me what info is available when you do an "apt get upgrade". :P
Install apt-listchanges, and you can see the entire changelog.
Re: (Score:2)
What pisses me off as a consumer is that Microsoft patches never come with any kind of useful information.
"This patch makes Windows 8 a little more stable." states its purpose clearly and simply.
The link to the KB --- which is always there --- implies a deeper understanding of the OS than most users are likely to have or need.
It won't make their decision to install the patch any easier.
Re: (Score:3)
When you click for more details it tells you to visit a web page. Then on that web page, full of long boilerplating, there is some description. Useful description, but it takes you enough time that to follow that patch for every update is a tedious chore. It would indeed help if the patch description said something more useful than "stability pach" or the name was something other than "KB11878723".
I think the rationale is that either the interns it would take to do this minimal work are costing too much,
OH NOES! (Score:1)
But how is this NEWS? MS has fallen into the shitcan for sure, mama!
Other strange update issues.. (Score:5, Informative)
This problem may occur if Windows Update or Microsoft Update determines there is a file hash mismatch when you try to search for available updates from the Windows Update Web site or from the Microsoft Update Web site.
I spent a couple hours down the rabbit hole, thinking malware had broken updates on this box. Not unusual, and normally fixable by one of several means. When all attempts failed, and then another box presented the same error, I checked, every single windows 7 box would not check for updates.
I found that it was not something strange in our router or firewall, and it even occurred on other building tenants computers using a separate internet connection. Everyone in the building is on Comcast. Even more interesting, if I connected a computer to another ISP (tethering on my phone in this instance), the update check would succeed. You could then reconnect to comcast and download and install the updates.
Further all of these computers were running Windows Update Agent 7.6.7600.320, which is a recent (KB less and not able to be skipped) update to Windows update, that you cannot roll back easily. However, by going to a restore point prior to this update, checking for updates magically worked again, until this Agent updated itself and it was broken again.
So somehow, for whatever reason, the way Windows Update on Win 7 with this version of the agent checks for updates was being blocked by Comcast (Business class). Try explaining that to a comcast support rep. Fortunately today it seems to be working again.
Re:Other strange update issues.. (Score:5, Informative)
Had the same problem yesterday on a newly patched Windows 7 laptop and then today on a Windows Server 2008 R2 server.
Problems with Windows Update Agent 7.6.7600.320 and DNS [microsoft.com] seems to be where this is headed.
But I'm holding off on KB 2993651 [microsoft.com] and Windows Update Agent 7.6.7600.320 [microsoft.com] until this one gets resolved too.
Re: (Score:2)
Re: (Score:2)
Comcast blocking windows update?
Re: (Score:2)
Perhaps if you call and ask them to turn off the malware filter for your connection...
Re: (Score:2)
My experience somewhat mirriors yours:
On the 2nd Tuesday, I connected my Win7 box to the Internet to install the 2nd Tuesday patches.
After reading a Slashdot article, I uninstalled two patches on the bad-patch list.
Yesterday, I connected it to the Internet to install the August 27 patches.
This was a no go. Windows Update was broken and the Windows Update Troubleshooter was no use.
Only a rollback to a mid-July restore point got the machine going properly again.
My Windows box (which is not my main box) is ge
Re: (Score:2)
Wait, there are still computer repair people?
Say, if I buy a new video card, you think you could come over to my house and install it before Assassin's Creed Unity comes out? There's $50 in it for you. I live in Chicago.
Re: (Score:2)
I can go to Chicago to install your GPU, however, it will cost about $900-$1500 in travel expenses.
No Patch Info (Score:5, Informative)
What pigs me off is that when you use Windows Update and look at a patch it gives you no info, so you click the patch and still no info', you click the link given but that pretty much just says it's a patch and you should install it, finally after following another link, scrolling down and expanding a section of page you get to find out whether or not the patch is actually relevant to your installation and not just a fix for something you will never use.
I don't use and don't need patches for One-Note, IE, Windows Media Centre, SQL Server. Privilege escalation bugs don't bother me, if you've been compromised that far then you're probably f**ked anyway.
The only bugs that look half-dangerous this month are MS14-046 and MS14-047 because they can lead to you being rooted when joined with browser etc bugs
For future use: https://technet.microsoft.com/... [microsoft.com]
Re: (Score:1)
Yeah, no kidding. If half the patches are for "issues when entering text with the Klingon language when your locale is set to Alpha Centuri" then I don't need the farging patch. Give me useful information, and don't load me up with patches that frankly don't apply.
Re: (Score:2)
Re: (Score:3)
I don't use and don't need patches for One-Note, IE, Windows Media Centre, SQL Server. Privilege escalation bugs don't bother me, if you've been compromised that far then you're probably f**ked anyway.
Uh you don't have to be compromised initially to fall victim to a privilege escalation bug. And you should care about bugs in IE or any other piece of software that is installed (and cannot be removed) from your system. Gone are the simple days of black hats using a single bug to take control of your system. They will chain together vulnerabilities until they can get to your unimportant privilege escalation, and that could very well take advantage of some bug in IE that you neglected to patch because it
Re: (Score:2)
In the last decade I've ran my PC as Admin, in that time I've had zero viruses because I know what not to do, take a range of security measures and have been lucky... So privilege escalation bugs don't count because I'm already running as admin. And whilst Microsoft has found these privilege escalation bugs, I expect there are many more zero-days out there.
If I don't surf the web with IE then the chances of getting an infection due to a IE bug is extremely low. Even though I don't use it, I set the security
Re: (Score:1)
I do all that stuff, too, and still got my LAN hacked through the open port used for security cameras on my Synology NAS. (Which runs Linux, of all things.)
Defense in depth is the only defense. The bad guys only have to guess right once.
What I especially liked (Score:1)
was after the forced reboot (wonderful design, you leave for lunch and you lose everything), Firefox lost all my tab history.
What's the connection between the two things? In an era of multigigabyte RAM and terabyte storage, we can't store a few kilobytes of text to remember what URLs were open in a dozen tabs?
Re: (Score:2)
Re: (Score:2)
Usually, Firefox remembers the URLs that were open. Thing is, it only appears to remember for the last closed window. If I'm going to reboot, I close Firefox myself, making sure to close the window with all the tabs last.
This may be a Firefox issue rather than a Microsoft one.
Need developers? (Score:1, Funny)
Dear Microsoft,
I, and possibly many others, would like to offer our services. We charge $200+/hour, and don't move very fast because we like to think about our solutions. We dislike cargo programming a lot. I understand that the prospect of hiring us shakes some CEO's yacht more than the waves of the South Indian ocean displace the ships mapping the seabed in search for MH370, but we're not going to drop our costs and standards, even though you will. Even more so, considering the predicament you find yourse
Re: (Score:3, Funny)
Thank you for expressing your interest in a position at Microsoft. Unfortunately we are not currently hiring developers who test their code.
Sincerely,
Microsoft
Re: Need developers? (Score:1)
Thank you for expressing your interest in a position at Microsoft. Unfortunately we are not currently hiring.
There, fixed that for you.
Re: (Score:1)
Re: (Score:2)
I have known an MBA who could program pretty well. (He's also about the most left-wing person I know, FWIW.)
I love watching these threads... (Score:2, Insightful)
There are so many ACs who post in response to MS-centric articles. It's almost as if you can feel the shame and terror as you read your way through.
Not really related... (Score:2)
about Microsoft's ability to support Windows 9's expected rapid update pace."
I don't think this stuff is expected to go any faster. To be fair to microsoft, the frequency of updates is already pretty respectable (latency and quality on the other hand...). The rumors are that MS will start mixing in functional changes more. Of course this seems like a mistake, their competitors really aren't mixing it up much on the fundamental level anymore (Google churned pretty hard because they needed too, but Jelly Bean seems to have marked where they broke out the functcion).
Microsoft is onl
Windows 9 update frequency (Score:2)
***NEWS FLASH***
Windows is ALREADY updated once a month, so I don't see how that is any more frequent.
Here's a thought... (Score:1)
..don't use Windows.
Stack ranking quality? (Score:1)
Microsoft has lost control of the monster... (Score:5, Funny)
.
It now appears that Windows has taken on a life of its own, and is now roaming the countryside, harassing the villagers.
Where is Dr. Frankenstein when you really need him?
Re: (Score:2)
He was laid off with all the QA guys. He got a nice severance package though.
QA isn't important, my ass... (Score:2)
Hopefully this will change Nadella's mind. QA is part of the process, and has to be independent of engineering...
Too late Microsoft, you already fucked my install. (Score:2)
Was working on the computer late on the 27th and I saw there were new Windows updates available (8.1 Pro, x64). I'd heard about the update issues two weeks ago but figured that had all been taken care of and the updates were pulled so this was fine.
Big mistake.
Machine BSOD'ing after launch and none of Microsoft's fixes worked.
1) If I tried to boot into safe mode, which is still supposed to work -- BSOD
2) There is a font cache file that supposedly is causing the crash. You're supposed to boot into safe mode