That is just fucking bullshit. Lumping people who do not want to be guinea pigs for Microsoft shoddy patching practices over the years, and their tendency to lump “content” or “forced Windows 10” upgrades with Security patches into the crowd of crazy anti vaccers is low, even for a Microsoft employee.
I’d think more people would be patched if they didn’t pull the shit they did when trying to get people to WinX and the additional lumping of everything into one patch (that will then fail for everything, like here - no “quality rollup” patch works (installs, reboots, roll back, reboot, back to unpatched state), but security-only patches from the update catalog do.) instead of letting you download each MS-advisory patch stand-alone. At least you can still grab for example May 9, 2017—KB4019213 (Security-only update) - Microsoft Support from the Update Catalog, but I’d expect that too to be closed down in the future.
What I read through other sources was that it was a file mostly obtained and spread through emails (or a click I suppose) that exploited a vulnerability with SMB shares to spread itself internally. The SMB exploit was based on leaked NSA tools because they focused more on attack than defense.
Also included with one or two cryptolocker tools (Wanacrypt) - which I suppose would could also include drive-by-infections through vulnerabilities in IE, GDI+, Web-Fonts, various Image Files and whatnot. From my understanding, most of these tools when run from web pages (adverts mostly) will try to get a target profile then try several vulnerabilities to get their ‘tool’ inserted to the target computer. Course, no point wasting a perfectly good 0-day on random users, so I would think most of these drive-by exploits will be published ones - unless they can guarantee a good return on spending one into a exploit-kit.
But I guess more tools will use it for a bigger impact and more money.
My search hasn’t functioned properly since the last huge update. I would absolutely not have automatic updates on if given a choice. I never took them automatically before, but I was never more than a few maybe handful of months behind.
Windows patches have had issues in the past, sure. So do vaccines. Still not a reason to put them off or avoid them entirely.
For all the hand-wringing by people who claim that Windows patches have had major problems in the past, and that’s why you turned them off, it ignores the fact that Microsoft always rolls out those patches to the world slowly and gradually. It intentionally takes days or weeks for them to roll out, just in case there are quality issues, and most of the people who encounter those issues (in the rare cases where they happened) were from people who manually installed them immediately, not automatically got them in the background.
One other way the comparison holds? Anti-vaccine nutjobs love to exploit the naive to spread their misinformation. Just like all of the assholes online who try to spread fear and misinformation about patching Windows.
And yes - this is fucking serious, because people are potentially fucking dying from NHS and other institutions being compromised by this latest infection, by procedures being delayed, and so forth. So if you think I’m a “fucking asshole” by comparing the two situations, I’m really sorry, but anti-vaccine nutjobs don’t like to be called nutjobs either.
I’ve always used auto-updates on all my devices and it’s pretty rare to have any issues (can’t recall the last time I did). I think the benefits outweigh the risks.
You’re right, but if you’ve been bitten just once by a patching issue, it’s going to remain a hot-button issue for you. I’ve had problems with patching doing unexpected things - hosing my graphics, rebooting randomly, forcing me to reinstall stuff. I’m willing to put up with that stuff for safety’s sake, but not everyone is. And make no mistake, there are issues. It’s impossible for there not to be with the kind of install base Windows has, on varied hardware with all sorts of third-party software. I bet the average user has an issue only once every few years, but it only takes one to set “updates bad” in your mind.
That’s the way 99.9% of the planet should be doing it.
At work we have a team of people dedicated to managing the patches for our thousands of servers and desktops. That’s what they do, patch management, full time job. I just pick various patch levels and assign them to our users and servers depending on what they need.
For my personal machine I just set it to automatic because I value my time. I do get irritated about the reboot schedule. I want to pick that, not MS. Forced reboots annoy the shit out of me and I don’t want to micromanage them or be forced into one.
How many people turned off auto-updates when Microsoft started bundling GWX with ‘recommended’ updates.
–Was that the “anti-vaccers” or Microsofts fault?
How many people turned off auto-updates when Microsoft stopped producing stand-alone patches and instead started bundling optional/content-patches with Security patches in “Feature Rollups”.
– And why are not the “Security Patches Only” made Important and listed as a Security patch (instead of only visible on the catalogue) whereas the ‘features+security’ is set to this level (Which patches in a different way, since it doesn’t work here, wheras Security only does…) and offered.
– Was that Microsofts decision, or those who argued against it?
When Microsoft removed details on patches on the KB articles and instead just said “Here’s a list of files we’ve changed”, was that to help people evaluate patches and make informed decisions.
– Was that Microsofts decision, or those who thought it was a bad idea?
The issue at NHS and elsewhere is due to under-funding–> poor IT infrastructure, not due to lacking ONE Patch from Microsoft. People have been cliking on links through emails since MIME attachments first came out, only Microsoft made it possible to auto run content through emails in various early iterations of Outlook, OUtlook Express, MIcrosoft Mail and whatnot. That too was Microsoft and not the “anti-vaccers” as you choose to deride those who took issue with Microsofts “turn” over the last few years.
Microsoft started releasing everything as cumulative updates because of the patch quality issues. The fact that Windows was literally the only mainstream operating system in the world that still separated out every single patch into its own distinct entity is the entire reason why quality suffered for a while.
Creating such a massive test matrix made it practically impossible for Microsoft and every organization in the world to adequately test every single combination for instability or incompatibility issues.
Releasing everything as a single line of servicing in cumulative updates simplifies the entire process, for both Microsoft and for organizations.
And for organizations which don’t want any feature changes along with their security updates, that’s why LTSB and CBB were created - to enable a fully supported way to defer or disable feature updates and only get security updates, without entirely sacrificing the benefits from the cumulative update model.
As for GWX, there were fully supported and fully documented group policies and other ways for anyone to disable it. But again the naive “tech experts” out there instead recommended manipulating GWX in unsupported ways - by directly modifying registry keys, or deleting files, or whatever else - and when you disable features in unsupported ways, it tends to not stick, since Microsoft does not write code to persist settings manipulated in unsupported ways.
Maybe you guy just need to Google Microsoft pulled patch and see their history. It’s uncommon but not exactly rare. There is no reason why I shouldn’t be able to update a driver without having to do a Windows Update too. Sometimes I don’t want to mess with an OS update at that moment. MS has already admitted they were too aggressive. Why the need to claim otherwise?
I hate their HELLO world bs after an update too. It’s creepy.
Haven’t seen that, but “Hello, world” goes back decades. When learning a new programming language, the first task one is typically asked to perform is to write that to the screen. It’s the Lorem ipsum dolor of programming.
I think the last time this happened was in 2014. Microsoft pulled the patch on the same day they released it, and the vast majority never got it because of the behavior I described above.
I’ve previously commented on the reboot behavior and am not denying that some of it was too aggressive. And same with how GWX was pushed. But I’m also saying that for the specific complaints being used as scare tactics for disabling updates entirely are overblown given the control which is there for the IT organizations which were actually affected by this specific issue going around.
Yeah, see I don’t think you Googled. I was hit by one of their nasty patch problems… unrolled it myself, after 2014. I had Google which one it was though that had a known bug
Today’s lovely updater reverted my speakers back to the monitor speakers because of… why? It reset my color schemes on my keyboard. Caused my Razer headset to stop working until i reinstalled that suite. Logitech was mostly okay but required an additional headset. The 2nd boot made the Plex server to stop responding entirely so here I am on the 5th restart and finally I have everything working as it should be.
I think delaying that hassle until I have time to deal with all that is not an unreasonable or an anti-vax move, don’t you?
I have the Creators’ Update loaded now, ready to complete on the next restart. I didn’t push it manually – it’s just my time. I admit to being a little apprehensive :)
Still haven’t been offered Creator’s Update on two home systems. At what point do I worry that something about my systems has gone awry? I have gotten other updates recently, so don’t think I’ve incorrectly blocked anything. I don’t need anything in Creators Update, just a bit surprised it hasn’t come through yet.
Journal entry, update +1 hour. I appear to have survived the update just fine. Nothing exploded, OOSU10 still works, and my USB hard drives are accessible. This will be acceptable.
