Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Windows Bug Graphics Operating Systems Upgrades Hardware

Forbes Blasts Latests Windows 7 Patch as Malware 230

Forbes contributor Jason Evangelho has nothing good to say about a recent Windows 7 patch that's causing a range of trouble for some users. He writes: If you have Windows 7 set to automatically update every Tuesday, it may be to permanently disable that feature. Microsoft has just confirmed that a recent update — specifically KB 3004394 — is causing a range of serious problems and recommends removing it. The first issue that caught my attention, via AMD’s Robert Hallock, is that KB 3004394 blocks the installation or update of graphics drivers such as AMD’s new Catalyst Omega. Nvidia users are also reporting difficulty installing GeForce drivers, though I can’t confirm this personally as my machines are all Windows 8.1. Hallock recommended manually uninstalling the update, advice now echoed officially by Microsoft. More troubles are detailed in the article; on the upside, Microsoft has released a fix.
This discussion has been archived. No new comments can be posted.

Forbes Blasts Latests Windows 7 Patch as Malware

Comments Filter:
  • Short sighted (Score:5, Insightful)

    by DavidRawling ( 864446 ) on Sunday December 14, 2014 @03:41PM (#48595211)
    Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING! Perhaps he will take personal responsibility the next time a patched vulnerability launches a new botnet? Nah, just write inflammatory rubbish, it's easier.
    • Re: (Score:2, Redundant)

      by maestroX ( 1061960 )
      Windows updates are annoying for laptop users. You're about to shutdown and leave, just waiting for the XXX updates to complete...
      • Re: Short sighted (Score:5, Informative)

        by nuckfuts ( 690967 ) on Sunday December 14, 2014 @04:12PM (#48595375)
        Here's a tip: If updates are pending but you want to shutdown quickly, don't choose Shutdown. Choose Log Off instead. Then, from the logon screen, you can choose either "Install updates and shutdown", or just "Shutdown".
      • Ignore it. It'll shut off itself when it's done. No need to wait for it.
        • by Barny ( 103770 )

          That is the issue. Windows on a laptop should specifically ask you if you want to install updates, because when you need to grab your laptop and run, you don't want to wait for twenty minutes of updates first.

          I would suggest using Hibernate instead since it powers down the machine, when you see the "I am going to delay you" indicator on the shutdown icon.

          • by rtb61 ( 674572 )

            When talking about Windows, mostly hibernate is the correct title because sometimes hibernate is not so much hibernate but crash on attempt to end hibernation and reboot. I would be fairly cautious about attempting to hibernate part way through an update. Better to go to Windows updates and change the configuration to download updates but ask before patching.

      • You're doing it wrong.

        Hibernate.

        • Worthless with most AMD GPUs as the drivers never reload so you just have to kill the system and choose to restart clean. Care to try again?
      • by gweihir ( 88907 )

        Indeed. This is the most unprofessional thing I ever saw. I had to force a shutdown in several cases on this, because I had to leave for a meeting or at the end of a meeting I had to vacate the room. Seriously, the person responsible for this does not have two brain cells to rub together.

    • by jkrise ( 535370 )

      Last 3 patches since October have all been nuisance to sysadmins. Time to look elsewhere.

    • Re:Short sighted (Score:5, Informative)

      by tranquilidad ( 1994300 ) on Sunday December 14, 2014 @04:26PM (#48595461)

      Though I agree with your sentiment there was an additional patch in the group (KB2553154 [microsoft.com]) that was a security update that conveniently broke ActiveX controls and macros in Excel 2013. It wasn't just one incredibly bad patch.

      I pity the poor vendors and their even poorer customers whose spreadsheets suddenly stopped working on December 10th.

    • by HiThere ( 15173 )

      Considering that this is for a version of MSWind that MS is no longer selling, one may reasonably conjecture that MS is not exerting strong efforts on quality control. This is evidence supporting that conjecture.

      You can call it short sighted if you want, but to me it seems good grounds for disabling auto-update. At this point one should wait a few days to hear reports about the quality of each update.

      OTOH, I'm presuming that you'll be able to update it on Friday. If this is wrong, perhaps you should just

      • Actually they are still selling it. You can buy it on brand new business machines today.

      • "... one may reasonably conjecture that MS is not exerting strong efforts on quality control."

        One may reasonably conjecture that a Microsoft employee deliberately caused problems so that people will buy new computers, with another version of Windows. If that was done at the request of top management is not known.
    • Re:Short sighted (Score:4, Informative)

      by reboot246 ( 623534 ) on Sunday December 14, 2014 @04:37PM (#48595507) Homepage
      I have my settings adjusted so that Windows tells me about the updates, but I choose when to download and install them. It's best to wait a couple of days after they're released to find out if anybody is having a problem with one of them. Let some other poor sucker get his computer bricked.
    • Re:Short sighted (Score:5, Insightful)

      by sjames ( 1099 ) on Sunday December 14, 2014 @04:49PM (#48595565) Homepage Journal

      That would be terrible advice. Fortunatly, nobody has suggested that. TFA suggested changing the setting to list updates for manual selection, and that's not at all bad advice. Wait a few days to see if people are screaming about horrible problems with the update, then select them manually.

      That would work even better if MS actually described what the update fixes (so you could decide if it's even relevant) rather than slipping things in.

      • by Nemyst ( 1383049 )
        Yes, because users who tend to forget how to open an email attachment will of course remember to apply updates to Windows. Smart.
        • by sjames ( 1099 )

          Some people wait for the little red light to change their oil. That sort of person should pay someone to look after their car and computer.

          Of course, that sort of person probably won't read TFA or /. and probably has no idea how to change the update settings.

    • by Okian Warrior ( 537106 ) on Sunday December 14, 2014 @05:23PM (#48595741) Homepage Journal

      Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

      Did he actually say that?

      Or did he say turn off *automatic* patching?

      It seems reasonable to always be 1 week behind in patching your systems - let someone else be the lightning rod for goofs and mistakes. I know some sysadmins patch "test" systems and try things out to see if the patches break their currently-running code. They don't seem to mind a certain time lag in patching.

      • by mjwx ( 966435 )

        It seems reasonable to always be 1 week behind in patching your systems - let someone else be the lightning rod for goofs and mistakes. I know some sysadmins patch "test" systems and try things out to see if the patches break their currently-running code. They don't seem to mind a certain time lag in patching.

        I as well as millions of other sysadmins would very much like this feature in Windows.

        That way we can immediately patch some machines and test for problems and then have the others patch 1-2 weeks later. 99% of the time it will be fine, but that 1% will save a weeks worth of downtime.

        WSUS doesn't really cut it in this regard and requires too much manual work for a sysadmin that already doesn't have enough time.

    • Re:Short sighted (Score:4, Interesting)

      by hairyfeet ( 841228 ) <bassbeast1968 AT gmail DOT com> on Sunday December 14, 2014 @05:47PM (#48595899) Journal
      Not to mention I used the supposedly "bad patch" on dozens of systems, Intel and AMD, with both APUs and GPUs...never saw this problem, not once. This leads me to think there was some sort of third party interference, perhaps an AV that is being over aggressive and causing the patch to only be half installed.
    • Re:Short sighted (Score:5, Insightful)

      by Paradise Pete ( 33184 ) on Sunday December 14, 2014 @05:57PM (#48595987) Journal

      Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

      How is it that you interpret disabling auto-update as meaning "NEVER PATCH AGAIN"? I took it to mean don't patch until you're confident it's safe to do so. Don't you think that's a more reasonable view?

    • Forbes is a publications for uneducated gamblers and people who intentionally deprive their brains of oxygen by employing fashionable silk nooses.
    • Ah yes, one bad patch and we should all NEVER PATCH AGAIN BECAUSE THE SKY IS FALLING!

      If Microsoft only put out "one" bad patch, you might have an argument.

      But hey, the modern day Microsoft apologist tactic of going apeshit instead of rational discussion, and blaming the victims is noted.

      And the "Capslock loaded and ready to rumble" is just adorable.

  • Let's just stop installing these updates, they're clearly created by Microsoft with the express intent of committing acts of malice, not to improve their software.

  • by radish ( 98371 ) on Sunday December 14, 2014 @03:59PM (#48595293) Homepage

    According to my update history they automatically uninstalled it the next day (via a new update). So the auto updates worked - no drama.

    • Yep, my history shows the Auto update installed the suggested fix 12/13/2014, before this article was posted here. I had noticed problems with Nvidia, so I'm glad they fixed it. Razr mouse may also have been affected. So the jury still says, let Windows auto-update.
    • In the provided link, MS claims that one of problems with the said update is that it prevents future updates. It seems that it was not the case, luckily.

      BTW, my problem with this update was that VirtualBox did not want to start the virtual machine.

  • That way you can just trash it & reload a clone if something goes wrong.

    • by oic0 ( 1864384 )
      If your system is a virtual machine, I doubt you care much about nvidia and amd video drivers.
      • by ihtoit ( 3393327 )

        I do, because my client is running in a VM sandbox, just like everybody else's/

      • My problem with this update was that VirtualBox did not want to start virtual machines. So running Windows inside VM solves all problems with this patch: just as you don't have to worry about AMD and Nvidia drivers, you don't have to worry about VirtualBox because it makes very little sense to run VM inside a VM.

    • I run plenty of alpha, beta and otherwise buggy Linux systems. But because I use snapshots in file systems, recovery from bad updates is trivial. Microsoft is stuck in the 20th century.

  • Malware? (Score:5, Insightful)

    by SydShamino ( 547793 ) on Sunday December 14, 2014 @04:05PM (#48595333)

    I think calling something "Malware" implies malice, something that's not indicated here as I see it. This is probably a case of incompetence, releasing poorly thought out, poorly written, and/or poorly tested code. Maybe we need a term for that - "bugware". (Or, for the cynics in the audience, we already have a term - "software".)

    • Re:Malware? (Score:5, Insightful)

      by arbiter1 ( 1204146 ) on Sunday December 14, 2014 @04:21PM (#48595427)
      Forbes are trying to make things sound worse then it is to get views without any real journalism.
    • by 0123456 ( 636235 )

      Didn't Microsoft lay off thousands of QA testers a few months back?

    • by HiThere ( 15173 )

      When an antivirus tool is disabled, then the presumptioon of sloppy carelessness is a bit strained. An assertion of "probable malice" isn't unreasonable. (One might, however, wonder on whose part. Was the update site hacked?)

      OTOH, is sloppy carelessness is the suspected reason, then one might well doubt the policy of installing patches that are less tested than those of Debian testing. Perhaps it's better to wait a few days and monitor the response.

      OTTH, updating a couple of days later after monitoring

    • by mauriceh ( 3721 )

      Or perhaps "crapware" .. Oh wait, that describes Windows in general!

    • by Lisias ( 447563 )

      Maybe we need a term for that - "bugware".

      I prefer "shitware". :-)

    • "Never attribute to malice that which is adequately explained by Microsoft's incompetence."
  • I'm just wondering if Windows has become so complex that even MS's programmers can't keep all the gears and chains and indexers humming along w/99.9% uptime.

    When are we as users going to insist on bullet proof OS's? It goes for all mainstream systems.

    Seems like it time for a ground up rebuild of the OS. If not, why continue using a system with so many problems. Patch after patch after malware patch and it doesn't change.

    • Any modern OS is too complex for a single person to understand.

      Windows is especially bad, given that the de facto goal is to maintain as much compatibility as humanly possible - including the antiquated Win32 API.

      Starting with Windows 8.1, the tendency is more towards the Unix method of providing several versions of the same thing (much like what was done with the Visual Studio runtimes), presenting applications only the one they claim to target (or the default, which is Windows 7, IIRC). This should allow

    • You can have a bullet proof OS today if that's what you really want, if that's you top priority. That means you're willing to forego the cool new features in favor of stability. It means learning an environment different from Windows, because stability is not the #1 priority in Windows.

      Some of the BSDs are far more stable than Windows and more stable than the most common Linux distributions. QNX is still more stable. So you can get as much stability as you want. You won't be playing the latest games

  • What can you do against vendors who do that? At the very best it's a hassle to fix the problem caused resulting in wasted man-hours (bearing in mind that most of us are not tech-savvy). At the very worst, this can result in permanent damage for example iOS 8 bricking your iPhone. What do you do then? What are your consumer rights when a botch (insufficiently tested) OS update results in a damaged device? Who is to blame here?
  • by Stormwatch ( 703920 ) <rodrigogirao@hotm a i l .com> on Sunday December 14, 2014 @04:46PM (#48595555) Homepage

    With the recent problems being encountered by Windows users all across the country, people are begin to ask themselves if windows is a virus. In response to the high demand for an answer to that question a study was done and concluded the following.

    1. Viruses replicate quickly.
    Windows does this.

    2. Viruses use up valuable system resources, slowing down the system as they do so.
    Windows does this.

    3. Viruses will, from time to time, trash your hard disk.
    Windows does this.

    4. Viruses are usually carried, unkown to the user, along with valuable programs and systems.
    Windows does that too.

    5. Viruses will occasionally make the user suspect their system is too slow (see 2) and the user will buy new hardware.
    Same with Windows, yet again.

    Maybe Windows really is a virus.

    Nope! There is a difference!

    Viruses are well supported by their authors, are frequently updated, and tend to become more sophisticated as they mature. So there! Windows is not a virus.

    • by reikae ( 80981 )

      I realize this was a joke, but how were viruses well supported by the authors in 1990s? The authors rarely provided contact info and their products only worked on computers running MS-DOS!

  • Really bad advice (Score:5, Insightful)

    by mseeger ( 40923 ) on Sunday December 14, 2014 @04:56PM (#48595595)

    Several readers have pointed out that disabling automatic Windows Updates is bad advice, and while thatâ(TM)s a fair argument I have to disagree.

    It is really a BAD advice. The average PC user is not an ops person. If an update bricks his PC, he will notice and can get help. If his PC is insecure, he will notice nothing and help (if ever) will be asked for much too late.

    His arguments amount to one thing: avoid changes. Any change is a risk. But so is crossing the street. In the long run, a change-averse strategy will lead to worse results than the occasional botched change (exceptions apply, but those are rare). And the only way for the average user to do changes is to automate them.

    • Any change is a risk. But so is crossing the street.

      I would have said, "Any change is risk. But so is not changing."

  • by jandrese ( 485 ) <kensama@vt.edu> on Sunday December 14, 2014 @05:40PM (#48595859) Homepage Journal
    After the patch my box started complaining endlessly that it was not genuine windows, but when I went to activate Windows page it said I was already activated and just told me all of the great benefits of having genuine Windows and that I should install MS Defender.

    It non-activated dialog box wanted me to install some application to double activate it or something? I've had a tough time figuring out exactly what's up with it. The links all point to genuine microsoft.com websites, so it doesn't appear to be malware, but I'll be damned if it's not acting like malware.
  • I had to uninstall a patch last week to get Virtualbox to work. Can't remember which one it was.

  • by NotSoHeavyD3 ( 1400425 ) on Sunday December 14, 2014 @07:02PM (#48596409)
    You know besides all the weird stuff you experience browsing with IE. I did a bunch of upgrades this past week (new AMD drivers, these MS patches) on my Win7 PC and I saw that the settings in IE kept getting reset. Security was cranked up so I couldn't download anything and it blew away my history by setting it to 0 days. I'd reset that stuff, reboot my PC and come back and see everything had been set back. I could only get rid of the problem by restoring my PC to last week. I thought I picked up a virus or that it was that Raptr junk in the AMD drivers but now I'm thinking it's this patch. (I know, I should use Chrome more. It's installed here and I do use it but I use IE as well.)
  • by phizi0n ( 1237812 ) on Sunday December 14, 2014 @07:56PM (#48596675)

    Pretty much anything that needed elevated privileges would fail to run even if you were running on an admin account and gave UAC permission. Even my TV recordings failed while the update was applied and at first I thought it was my video driver update that I did just before manually allowing windows update to install the patch. Because I had manually installed it, I did not automatically get the removal patch and had no idea wtf was going on until I dug through several posts about driver installation problems (that I did not have) to finally find that it was wrecking far more than just driver installation.

  • by 140Mandak262Jamuna ( 970587 ) on Sunday December 14, 2014 @07:57PM (#48596683) Journal
    Forbes faithfully parroted every Gartner study fully bought for by Microsoft, like the Total Cost of Ownership. It claimed Microsoft has reached a "utility" status and it should be considered a "widows-and-orphans" stock. It actively contributed to the culture of lazy CIOs choosing Microsoft because no one got fired for choosing Microsoft. It turned a blind eye to every illegal maneuver by Microsoft. Now, suddenly, it is blasting Microsoft? I think Microsoft is a lesser evil than Forbes.
  • by nateman1352 ( 971364 ) on Monday December 15, 2014 @06:06AM (#48599279)

    So Microsoft starts laying off 18,000 employees in several waves starting in July this year. One of the first groups that was hit hard by layoffs was QA (mostly contract workers so they are easy to let go.) Within that, the QA department responsible for testing OS security patches was hit the hardest...

    So now we are having a bunch of problems with botched updates that weren't tested sufficiently, go figure!

  • Malware implies malicious intent. This patch is just unintentionally buggy. Not the same thing.

Kill Ugly Radio - Frank Zappa

Working...