Oh that's nice...
....now would have to log onto the Internet to download it all over again FOR EACH FECKING WINDOWS PC's!!
Thanks for nothing!
With much "love" from...Windows Installer Monkey
Microsoft has forced the effective shut down of the AutoPatcher download service. AutoPatcher offered an alternative to Windows Update by providing an up-to-date collection of security patches and tweaks in a single file for each supported version of Windows. Sys admins could save time and bandwidth by updating machines from …
I understand why they wouldn't want the Autopatcher site to exist--it provides a way for 'unverified' copies of Windows to get patches. However, if MS wasn't so eager to crush everything that isn't MS out of existence, they should have bought them out, or offered to host the utility with some form of verification of the Windows copy. Sadly, another good samaritan gets stomped on, and IT pros and casual users lose a valuable tool for patching systems that don't have access to a broadband connection. Things like this make me believe that in the end, Linux & Open Source will eventually prevail.
It had been third party patches that saved M$' bacon several times not that they would acknowledge that.
Its about lock in, in a possible future heavily hinted about by Ballmer et. al. M$ really wants a rental model. Pay your small yearly Windows fee and support will continue, no and you M$ will cast you down to the various Windows plagues and deteriorated performance.
MS are really really trying hard to make themselves un-popular.
Aside from all the issues with WGA, MS dont yet realise that applying a patch and then rebooting immediately is not good for production systems.
I dont use windows on my desktop anymore (been a few years now) and everyday i read el reg i thank Linus and chums for making my life MS free.
I am also now refusing to support MS systems belonging to family and friends. The slightly steeper learning curve of linux is nothing compared to the windows hell they are in now.
Go away Microcrap!
1) Does this mean no more service packs on cover CDs then?
2) What guarantees do Microsoft document that Windows Update itself is secure e.g. from an "I, Robot"-movie-style hijacking of update downloads, and subsequent widespread downloading of non-MS malware? E.g. some readers may remember that El Reg's advertising servers did once start distributing malware, loads of other sites using the same ad company were hit too, what guarantees does anyone have that MS's official Windows Update servers won't get taken that way or some other way one day?
I feel for the people whos hard work goes to waste when they are just trying to help with problems M$ should be fixing themselves.... there support is poor... I have been a Linux desktop user for over 5 years now.... and support is everywhere for us... why propiatory is crap...you have to wait for the vendor to pull there thumbs out!
There's a simple solution to this, which I've already written, and it all relies on some nice tools provided by MS :)
Ingredients:
1. Download MBSA (Microsoft Baseline Security Analyzer) from MS.
2. Download the latest wsusscan.cab from MS.
Run the MBSA tool against their CAB, specifying XML output. Parse that XML output for a list of patches needed including their HTTP locations at MS, and get your little app to download them to a cache. Install if necessary. (Or, copy cache to a dvd/cd, and run same app at friends, just doing the scan/install part).
I have this working, but it needs a bit of polish.
As it wouldn't distribute any MS code, surely it can't be illegal ?
I recently upgraded my perfectly adequate NT4.0 server (200MHz CPU & 128M RAM, 28M in use) to a Win2000 Advanced Server (2x PIII 933MHz, 512M, 300M in use) so as to run WSUS 2.0
Total pain and more like a beta. However, if it works my 9 x XP and 2 x W2K will only be one set of downloads centrally managed. But why is a "mature" service like this so broken and awkward to use?
Autopatcher going for 4/5 years without hiccup - amd M$ aware of them.
It stinks that they now close them down (or the download page at all). Us techies rely on autopatcher quite heavily in some cases. It's so much easier - particularly for house calls (not that I do many)
Once again M$ makes it harder for their own users and people who try to support (fix) their software
It's not like a keychanger and a legit 'doze key won't let you get a 'Genuine Advantage' (TM)(R)(P)(C)(whatever) anyway and MS themselves will patch you gladly.
And it's not exactly like the evidence is suggesting that the official updates are always infallible or safe to install...
This just shows that Microsoft has a total disconnect from its customers and really has no clue as to how the real world operates.
When loading a new PC with Windows, I never allow it to be connected to the internet until it has been patched. Otherwise, there are too many ways that it can be probed and hijacked. At least with the current level of patches, you are down to just the most recent vulnerabilities, rather than the whole gamut. Additionally, I much prefer a single download to the multiple downloads on multiple PCs with innumerable reboots between each.
Well, between this and the Vista farce, it is pushing me to concider the Mac or Linux. I'm still trying to figure out what the Genuine Advantage is.
"As it wouldn't distribute any MS code, surely it can't be illegal"
Under the DMCA, if Microsoft *says* it's illegal, then it *is* illegal. A takedown notice under the DMCA does not require the sender to *prove* anything - failure to comply with the takedown notice *automatically* subjects you to the scrutiny of US Federal law enforcement officials.
And, let's face it, under US law, if they want to find you guilty of doing something illegal, there are plenty of laws that make damn near everything illegal.
When MS insisted on users asking for permission to use the software they had already paid for, I concluded that WIndows XP and later were not for me. Then came the need for WGA "verification" for the downloading of Windows 2000 updates. I refused and had to put my trust in other defences. I am NOT having MS furkle around inside my PCs to see if they like what is there.
Then 6 months ago I stumbled on the Autopatcher team, and have been an ardent fan of their work ever since. But that must be what MS are trying to prevent. Sadly I missed the August updates, but I am now current to July 2007, whereas I was previously only updated to SP4! Thanks for all the hard work, gents.
Now where is that penguin?
AutoPatcher not only did what WSUS does, but it also adds several of the better 3rd party "must haves" (Sun's JRE, Flash, Shockwave, etc.) and includes a scad of registry updates.
It was really nice having the DVD for when I was bringing up a new machine at the shop.
Since, legally, I'm supposed to patch to current levels (according to the DSP agreement), but I can't patch at Windows Update if I don't activate, but I'm not supposed to activate!
(Microsoft has a work-around. A severe pain in the ass, it is, but they DO have one. Not worth a feces if you always do custom machines - which the screwdriver shop I work at does.)
But you know, I've figured it out. Microsoft's Legal Department is run by a Linuxhead.
No, seriously. Microsoft is doing more to improve the level of Linux and OS/X installs than anything either camp can do on its own. Think about it - if a government or competitor made Microsoft screw itself as badly as it's routinely doing nowadays, they'd be screaming bloody murder (deservedly!)
RwP
WSUS is all fine and dandy (not really), as long as you are all on the same intranet. But updating separate PCs on multiple networks will now require multiple downloads. As I said, a total lack of understanding of their own customers. All that money must have gone to their heads as they want more and more. "Avarice is the root of all evil."
It's all in the title.
Knowing how m$ behave, what's surprising to me is the length of time Autopatcher was allowed to operate without m$ sticking the boot in.
Surely several thousand other computer users are now going to switch to a Linux variant or OSX.
Linux leaps from strength to strength especially in the area of install and usability for the non-IT literate. Plus the various user friendly GUI's available, and all those distro's. Finding one that suits is worth the investment in time and effort these days. As little as three years ago I couldn't recommend Linux to the average home user. Nowadays I actively encourage people to ditch micro$oft, and seek out a suitable distro.
micro$oft are slowly committing suicide.... and I like it.
I do not think I am being at all unrealistic when I say: Here's hoping that 2010 heralds a Linux user base with greater than 50% market share. Bye bye micro$oft.
. . . .the M$ campus is like NO OTHER COMPANY in the world. They have blinders on and only a few of them up there realize that companies MAY need to do things differently. haha MAY. You would think after dominating the market they would finally finally listen to their customers, but that's never gonna happen. it's quite sad, but will never change up there.
Eduard Coli, above hit the nail on the head. Prepare for more ASSimilation. i.e. grab your toes and spell RUN.
<quote>
1. Download MBSA (Microsoft Baseline Security Analyzer) from MS.
2. Download the latest wsusscan.cab from MS.
Run the MBSA tool against their CAB, specifying XML output. Parse that XML output for a list of patches needed including their HTTP locations at MS, and get your little app to download them to a cache. Install if necessary. (Or, copy cache to a dvd/cd, and run same app at friends, just doing the scan/install part).
<quote>
And I keep hearing linux administration is complicated :) I keep hearing drivers are a problem to though...and vista?
As for the firefox updates, please please lets see some of them using version 3 of the GPL :)
cheers
Force Microsoft to send patches to *ALL REGISTERED USERS* via regular postal mail every month, and again if any "emergency" patches are released.
How many billions of users would they have to send patches out to ? - who cares, it's a problem of their making, and their problem to resolve - they've got enough in the bank to cover it :-)
I'd forsee one of two things happening quickly:
1) Autopatcher would be renamed / released by Microsoft immediately
2) They'd take a LOT more care over their sloppy coding !
WSUS updates have their place, and are indeed invaluable in an Enterprise environment. That said, if you want to bring a new build up to speed quickly, and especially if you don't want to release it onto a network until it's at least partially patched, Autopatcher was just the thing. Another scenario: you work on a family member's PC, or a traveling employee's, far from a reliable broadband connection. Run Autopatcher & be done in no time, or spend all night downloading multi-megabyte patches. Or suppose (like we do) you have old software that is mission-critical, and doesn't agree with a few specific Win patches. Sure, you can select which patches to install, but why not just turn them off far easier in Autopatcher instead of wading through Windows update? Of course you can painstakingly archive the patches from the cache, make your own custom script, and install them after burning everything to a disc, but why have to reinvent the wheel? Someone had already done this for you, and obviously spent a lot of time perfecting it.
And what is the point from MS's end anyway? Windows "Genuine Disadvantage" and verification is ridiculously easy to circumvent, as others have pointed out. You can just download the patches on another legit PC and install them at your leisure--you don't need Autopatcher to do this. I'll be hanging on to my copy for some time to come.
/rant
I thought that MS was considering a P2P model for some things in the future.
Now that would also mean that you get your MS bits from some "untrusted" source if I follow the reasoning of MS.
maybe they are really tired of having no competition and wants people to change to another OS so that they have to become creative (again) ?
Patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,patching, patching,
Yes, they are truely inspirational!
I have, as a matter of course, turned off automatic update on every windows machine that I have ever run.
On this one I am still running XP sp1.
I patch my own system (and the machines at the place I work, which run from 98 though xp pro with some ME thrown in) where and when we need it.
As we have a ban on IE and Outlook here, we just don't think that most of the security patches are needed or even safe.
Possibly, I would change my mind on this if I saw the source code; I just can't bring myself to trust other programmers though.
Certainly not the hacks that brought us Vista and IE7.
This is the final straw. I've used and actually liked MS products - particularly NT4 and 2000, with XP grudgingly used as my main home OS - but the patching is beyond a joke. The big draw for me was Visual Studio, which I think is pretty damn good, but it isn't good enough to put up with this.
I've recently bought a second hand ibook G4, and consequently my primary XP desktop hasn't been turned on in weeks. And of course, when XP does get booted, it'll be bleating about updates required...
So that machine is getting Ubuntu on it. The server (2000 based) is getting wiped and having Ubuntu on it. The mail server is already running OpenBSD.
Where do I take my licenses for a refund? I never knowingly agreed to being treated like an idiot by Microsoft!
I'm trying to contact the autopatcher admins to see if one of them would like to see - and if interested, take over the code of - my patching app.
As autopatcher helped so many people, I think it would be right to let people legally use this (and MS own tools of course) to achieve the same end.
If one of them is reading this, please contact me via the comment on the autopatcher page.
Perhaps if some kindly El Reg admin has a direct line, they might pass on my email :P
Let's say MS produces buncha' patches, and some third-party wants to distribute them. Now there's the obvious possibility that this very evil and untrustworthy third party tampers the patches to include some malware. How possibly could MS protect its customers?
Maybe by publishing list of checksums for all the patches published? How about MD5? The algorithm is free of royalties, and quick to compute.
Or, even better, could MS supplant each patch with a digital signature, to be verified during installation of the patch?
Is that a rocket-science to MS developers? Or did MS overlook it totally on some purpose...?