back to article Windows Defender update: So secure, it wouldn't let Secure-Boot Windows PCs, er, boot

It has been a trying time for Microsoft punters after a Windows Defender update left some PCs unable to boot last week, while other folk continue to struggle to even get to the update service. How do you make a PC super secure? Don't let it boot A tweak to Windows Defender slowly creeping its way over PCs has an issue that can …

  1. Anonymous Coward
    Anonymous Coward

    Has Windows Store gone down? A tracert to store.microsoft.com ends up with timeouts...

    1. Nolveys
      Windows

      Seems up for me, though actually buying anything from the damn thing seems near impossible so maybe there's not much of a difference.

    2. Persona Silver badge

      The DNS issue that stops BT internet users from using the Windows Update service also stops them being able to download apps from the store.

      1. JetSetJim

        Seems like a good feature that other ISPs should consider implementing...

      2. Anonymous Coward
        Happy

        Has BT accidentally been competent?

    3. Someone Else Silver badge
      WTF?

      Why would anyone give a flying fuck if the Micros~1 Store has gone down?

  2. TRT Silver badge

    Worth it just for...

    "... the next dollop of steaming goodness to drop from Redmond's update orifice"

    1. Anonymous Coward
      Anonymous Coward

      Re: Worth it just for...

      That line does just write itself, but personally, I would have gone with 'sphincter.' Orifice is too general.

      1. Inventor of the Marmite Laser Silver badge

        Orifice is too general

        Well, give it a number. Orifice 365 maybe.

        Or another lower (and falling) number.

        1. Fatman
          FAIL

          Re: Or another lower (and falling) number.

          How about:

          Officer 357?

          Someone at Microsoft could take a clue......

  3. JimmyPage Silver badge
    Facepalm

    ... go into BIOS ...

    so unless you have an IP KVM solution, that's a trip to wherever then ?

  4. chivo243 Silver badge
    Windows

    Meanwhile back at the ranch

    Once back in Windows, rinse and repeat X the number of units affected. I don't mind doing windows support, but things have gotten out of control... I get the feeling that the desktop OS is just window dressing for M$.

  5. Jim-234

    At least you can get your machine back maybe -- sometimes with updates you are not so lucky

    The whole new Windows Update business is getting worse and worse at destroying hardware, and removing your ability to actually get the work done on your computer.

    Windows Update is starting to be the best reason for moving to Linux.

    We just had Windows 10 update ruin some higher end Dell 7573 laptops (just out of warranty) with Dual Intel/ Nvidia video. Working fine for ages under Linux, also working okay under windows 10 till the updates ran and then... well there went the video bios into permanent garbled mess and the laptops are done.

    It's becoming standard these days that when one of our customers or clients mentions something is going crazy with they system (like their Surface Pro), we tell them that in a couple days it will be in the news about what update it was that made things nuts.

    1. Mark 85

      Re: At least you can get your machine back maybe -- sometimes with updates you are not so lucky

      One would think that borking Win7 updates would fulfill MS's goals of getting everyone over to Win10. This is just one more reason not to upgrade (or downgrade if you will). I'll credit sheer incompetence at this point and not malice.

    2. Fading

      Re: At least you can get your machine back maybe -- sometimes with updates you are not so lucky

      Guessing those are on Sandybridge Intel or older (so HD3000 IGP or earlier)? The driver in the latest win 10 build causes a blank screen - need to roll back to the previous driver.

      1. Jim-234

        i7-8550U CPUs with Nvidia MX130 video, so fairly new chipsets.

        On the 2 laptops the latest windows updates ruined last week, it actually overwrote something in the video chip firmware while "updating the driver" so the problem now exists even when you first turn on the system and go into the system setup, or boot to another OS like Linux.

    3. Hans 1
      Windows

      Re: At least you can get your machine back maybe -- sometimes with updates you are not so lucky

      Bloody hell, we have an Alienware here and the thing went nuts yesterday, you have like 7 seconds after bootup to disable the discreet graphics card or the system will display a message about a graphics card issue then freeze.I uninstalled the driver, download from nvidia, enabled the GPU again, then the bloody thing froze again ... will try from alieware website, however, dirver is much older ...

      I hope they have not wasted the graphics firmware or I will have to get Linux on it to fix and I have better things to do ... that and the nvidia firmware is encrypted, which makes the whole thing a pain as you rely on nvidia to do the right thing (have they ever ?) and provide the tools,anyway, we'll see ...

      This is for both, NVidia and Microsoft:

      https://www.youtube.com/watch?v=_36yNWw_07g&t=10s

      1. Fatman
        Linux

        Re: At least you can get your machine back maybe -- sometimes with updates you are not so lucky

        I gave you an upvote for clearly expressing your dissatisfaction with this intolerable situation.

        I had a similar epiphany some 12 years ago, and made the decision to completely rid myself of anything Microsoft. (See icon)

  6. Trigun
    Facepalm

    Again...

    What on earth is going on over at Redmod? It's been more than a year of update hell from them and it's gotten to the point where admins just don't want to push out updates to clients unless they really must.

    1. Anonymous Coward
      Anonymous Coward

      @Trigun - Re: Again...

      And that's exactly why Microsoft works hard to remove the ability for anyone to mess with updates.

    2. Mark 85

      Re: Again...

      They killed the QA department is most likely the reason. Let the customers/users be the testers as it's saves money.

      1. Steve Davies 3 Silver badge

        Re: Again...

        but why aren't businesses and individuals not sueing the bejesus off of Microsoft?

        If this was any other company there would be a stream of lawsuits filling the courts. Just think of the sheer number of cases against Apple as an example.

        Their {insert negative adjective of choice here} attitude will drive customers away.

        The longer this goes on, the more people will leave their platform.

        Is this all part of SatNat's grand plan to drive ordinary people (and SME's) away because they are not big revenue earners or what I really don't know.

        1. Carpet Deal 'em

          Re: Again...

          There's probably something in the ToS that say you can't sue them - and even if there wasn't, lawsuits are a huge hassle that most people wouldn't want to bother if they didn't have to(hiring a lawyer, taking days off to appear in court, etc). It's possible for a class-action lawsuit to happen, but we all know how that would turn out.

      2. martinusher Silver badge

        Re: Again...

        >They killed the QA department is most likely the reason

        I've had more than a few run-ins with software developers in recent years who seem to think that "Agile" and/or "Rapid Application Development" mean "Hose code at the side of a barn and see what sticks".

        I put it down to a lot of people being taught how to code leaving relatively few who know how to program.

      3. aregross
        Meh

        Re: Again...

        "... Let the customers/users be the testers as it's saves money."

        Don't know why you're surprised... it's been this way since Win95!

      4. herman

        Re: Again...

        Bill Gates was the CEO and the head of QA. Since Billy Bob left, MS outsourced QA to the end users.

        1. Someone Else Silver badge
          Trollface

          Re: Again...

          Since Billy Bob left, MS outsourced QA to the end users.

          And the end users are not even getting minimum wage for their efforts? I see (YAN) class-action lawsuit on the horizon....

      5. Dave K

        Re: Again...

        It's genuinely impressive just how poor the quality of MS software and updates has become lately. Go back several years and Windows 7 plus Office 2010 was a fairly stable combination. Not perfect, but reasonable enough. Nowerdays though, Windows 10 feels like a flaky piece of beta software and Office 365 is just full of various bugs, issues and annoyances. Sadly the updates seem to introduce more bugs rather than fixing things, it's all kind of tragic.

        I'm even running into stupid things lately whereby I cannot save a PDF direct from Excel to Sharepoint - I just get a file access error meaning I have to save it into Temp on my laptop, then cut and paste it to Sharepoint. For companies that unfortunately rely on MS software, the quality of their releases recently has been a joke!

  7. Captain Scarlet Silver badge
    Childcatcher

    BT Dns

    It has been flaky for a lot of services, I really should stop being lazy and do what I used to do and use OpenDNS on the BT Home thingy 5 router.

  8. Anonymous Coward
    Anonymous Coward

    Microsoft unreachable?

    Some of us would call that jolly good news :)

    Joking aside, WTF? I would be OK with companies putting up some barriers, but only when documented - that should be our choice, not theirs. What are they going to block next otherwise?

  9. jelabarre59

    Not a bug

    A MSWindows update that prevents MSWindows from booting? That sounds more like a feature than a bug to me.

    "I keep letting Microsoft's 'Malicious Software Removal Tool' install, but next time I reboot. MSWindows is still there..."

  10. martinusher Silver badge

    My personal Windows 10 update....

    ....is Linux Mint.

    I got so fed up with the updates that I just now just boot Linux from a USB stick. It works for most of the things I do and it is either as fast or faster than Win10 running from the hard disk. Obviously I can afford the luxury of not working in an Office environment but when you see someone being productive in that world more often than not you tend to ask yourself "is this functionality adding anything to productivity?".

    1. david bates

      Re: My personal Windows 10 update....

      Mine was - but unfortunately Mint will no longer install on my system due to a long-running bug installing GRUB. I've had to move to Ubuntu but I'm not really enjoying the experience and will be back to Mint as soon as they get round to fixing the issue.

      1. Tigra 07
        Linux

        Re: My personal Windows 10 update....

        I used Mint but it wouldn't run on my newer hardware and the WiFi was very unreliable. Ubuntu worked great with a few minor tweaks to add functionality. Now i'm using Kubuntu, and it's a perfect replacement for Windows.

        Your experience may differ

      2. Peter Gathercole Silver badge

        Re: My personal Windows 10 update....

        I've not used Mint recently (I built a system using it when Unity was being shoved down our throats by Canonical, but actually settled on Gnome Fall/Failback which I'm still using today), but is it not the case that Cinnamon and Mate are in the Ubuntu repository, so you can use one of those in preference to Unity or Gnome to make Ubuntu look more like Mint?

        I'm actually surprised that Mint has a Grub issue and Ubuntu doesn't, as Mint is a downstream distro of Ubuntu. Does Mint have a different policy regarding the kernel version than Ubuntu?

    2. shawnfromnh

      Re: My personal Windows 10 update....

      Same here MX18 running in ram and persistant.

  11. Dan 55 Silver badge

    "Enterprising users have reported success with switching to Google's DNS"

    Other DNS services are available.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Enterprising users have reported success with switching to Google's DNS"

      Other DNS services are available.

      .. that are indeed less about logging what you look up.

      The best ones for those privacy aware are at 85.214.20.141 and 80.241.218.68. Recommended.

  12. bombastic bob Silver badge
    Meh

    disable that whole pesky Secure Boot thing.

    should've been done from the start, In My Bombastic Opinion

  13. Anonymous Coward
    Anonymous Coward

    Where's the Defender hurling a brickbat gag in the subhead?

  14. Tezfair

    golden age

    I look back to XP / Office 2003 / Server 2003 and think how wonderful those days were.

  15. doublelayer Silver badge

    What are the symptoms

    What exactly happens when the machines don't boot? Usually, the machine has to do something to indicate the reason it isn't doing anything. The reason I ask is that a machine over here recently installed an update, though we don't know which update, and refuses to work normally; it boots to windows in a way but sits on a page showing only the time and date, refuses to show the login screen, and ignores input. This could be described as not booting into windows. If people here have experienced this bug, is this how it manifests? An internet search suggests that a bug like the one we're seeing has been around for a while, but I don't know exactly what this machine got hit with as no others are doing this.

    1. Hans 1
      Windows

      Re: What are the symptoms

      Been there and all over Windows hell and back

      Unfortunately, Startup Settings only appears as an option in Advanced Startup Options if you access it from within Windows. In other words, Windows 10/8 needs to be working properly before you can boot into Safe Mode, which you only really need to use if Windows isn't working properly.

      Yes, it is brain dead, no there is no excuse, no I do not think it is malice, and, last but not least, I asked my cleaning lady this morning if this was a good idea, and she replied "No, of course not, who are those numpties". I could have asked a surgeon, banker, police man, or car mechanic, I doubt there is more than one single person on this planet who thinks this is a good idea, however, somehow, MS managed to hire just him/her.

      What you can try, is, during boot up, force it to go off ... like, remove battery (if laptop), plugged into mains (as usual) during startup, unplug it, it should go off pretty quick, plug it back in then start it, and you will get the startup options.

      Otherwise, on a different Windows box, got to System & Security > Security & Maintenance > Recovery and create a recovery usb disk.

      Start it with Command Prompt and execute the correct bcdedit command as shown below based on which Safe Mode option you'd like to start:

      Safe Mode:

      bcdedit /set {default} safeboot minimal

      Safe Mode with Networking:

      bcdedit /set {default} safeboot network

      Safe Mode with Command Prompt:

      bcdedit /set {default} safeboot minimal bcdedit /set {default} safebootalternateshell yes

      once you are in, you can undo these commands in the Startup Settings

      Source: https://www.lifewire.com/how-to-force-windows-to-restart-in-safe-mode-2625163

      1. Hans 1

        Re: What are the symptoms

        No, I have not calmed down, yet ... on to my beloved Porsche Boxter, a wonderful car, really!

        The other day, the battery went, it was starting to show signs of use ... and in this cold weather, it gave up ... Ok, I get a new one ... try to open the bonnet and ... I need power for that, bloody idiots!!! Guess what's the only thing under the bonnet ? You guessed it ... the battery, well, and coolant ... I guess in case your battery runs flat and you need coolant ...

        Yes, well, there is a way to plug the new battery to connectors near the door to open the bonnet, but ... you need to hold two wires on 4 different poles and action the open bonnet button at the same bloody time, so you need jump leads to attach the cables to the poles on the battery, but crikey ... crikey ... these piss-poor design decisions do make you boil over ...

        There, feel much better now ... thanks for reading ... ;-)

        1. Dave K

          Re: What are the symptoms

          I know the feeling, I drive a motorcycle (BMW), and on previous models the battery used to be under the seat. Nice and easy to change, you just pop the seat off, remove the cables and two straps holding it down and you're away. Or if you need to charge it, pop the seat off, clip on the charger and go!

          The newer BMW bike I have? It's under the fuel tank. So you've got to remove the seat, unbolt the faring, unbolt the oil-coolers, remove the fuel pipes, unbolt the tank, disconnect the fuel pump, lift off the tank, then FINALLY you're at the battery! It also means of course that the simple act of connecting a charger to the battery is a pain in the absolute arse as you grovel under the fuel tank with your finger tips trying to clip the damn thing on to the battery terminals (that you can't see).

          I do with modern designers would stop to think about ease of maintenance when designing things...

          1. Stevie

            Re: What are the symptoms

            I'm fed up with car headlights that require you to dismantle the car to just change the blasted bulbs.

            If there is merit in shoe-horning everything to the front of the car, why not have the headlight assemblies unlock and hinge forward for a nice, easy bulb-change?

            Years ago a friend and I looked into buying an old "super-car" between us. We had the skillz. We had the dosh. The deal killer? Engine-out service every 3000 miles. Couldn't get the plugs out without lifting out the engine either.

            1. The Oncoming Scorn Silver badge
              Pirate

              Re: What are the symptoms

              Boring Barry in the pub every Sunday would enlighten us every week about how on a car manufacturers training course he was told "You're (The service tech) are the last person we (The Designers) think about".

              Over here in Canada land , I got pretty annoyed at finding car batteries buried under the coolant tank with battery terminals on the side rather on top. Spark plugs at the back of engines & buried under the manifold & other fun servicing quirks.

              I got to be fairly adept at changing my headlight & other bulbs at the front of my Avalanche & used to change them all out at the same time rather than having to jump through the whole tear down process (Especially with winter on the horizon), along with the spark plug's etc which given the size of the engine bay allowed me to lay across the engine with reasonable clearance to change the last spark plug on the left hand side (Cylinder head had the plugs pointed to wards the firewall & the braking\hydraulic system making it a right bitch to get out, but not impossible if you used a plug socket with a 3/8" - 0.5" adapter (Some people advocated getting at that last plug by removing the wheel). The other side naturally had masses of clearance & all the plugs faced forwards).

              Changing the oil pressure switch cost me more blood & skin despite my relatively small hands, as someone had thoughtfully to put it half under the firewall & behind a plastic shroud.

              Icon because there's no cowboy symbol & the blades suggest lots of blood loss.

        2. JJKing

          Re: What are the symptoms

          Didn't the Peugeot 504? require the engine to be removed so you could get to the battery? May not have been that one but I do remember it was a French car so I never bought any vehicle from that country.

      2. The Oncoming Scorn Silver badge
        Pint

        Re: What are the symptoms

        I have my Windows 10 machines set up to give the boot manager menu at startup, & its scripted to reapply itself on every boot, just in case any updates decide to helpfully remove it.

        1. johnnyblaze

          Re: What are the symptoms

          ...and while that's very clever of you - should anyone really have to go to that extent in this day and age? MS obviously think their holier-than-though OS doesn't need all these easy to acces repair settings anymore, because it's just do damn great. In reality, Windows now breaks/fails more often than ever, and recovering it manually is now almost impossible.

          Ah, I yearn for the days of pressing F8 at boot time for a nice, simple to use list of recovery options...

  16. Anonymous South African Coward Bronze badge

    Buggrit millenium hand and shrimp.

  17. don't you hate it when you lose your account

    All fine here

    All my Windows are opening and closing without a problem. But like any other simple household object I never connect them to the Internet.

    1. Stevie

      Re: All fine here

      So you think, but that "Intelli-blind" system you installed so you could open and close 'em with your smartphone has been hacked and the windows themselves suborned by Chechnyan Evildoers.

      All your lightbulb are belong to them too.

    2. Nolveys
      Unhappy

      Re: All fine here

      My Windows froze. It was -37c when I woke up.

  18. Pascal Monett Silver badge

    "Secure Boot can then be switched back on"

    And why on God's green Earth would I want to do that ? If I can boot without it, it's going to stay off.

    1. shawnfromnh
      Joke

      Re: "Secure Boot can then be switched back on"

      but what if one day you find that windows has installed itself like a root kit and you can't remove it.

  19. 0laf
    FAIL

    Windows fukdates

    Windows update recently nearly bricked a netbook I have. I switched it on for the first time in months and ran updates. On the reboot it demanded a bitlocker key.

    I hadn't switched on bitlocker (didn't even know it was available on W10 home) or drive encryption of any sort (it's a crappy low power netbook) so in no way did I have the bitlocker key.

    after quite some delving I found I could log into an MS account from another device and determine the bitlocker key to unlock my own machine. WTF is this shit?!?!

    1. shawnfromnh

      Re: Windows fukdates

      Hell no other device needed. Pop in your medicat admin tools dvd or usb and boot into that and fix windows.

  20. Citizen99
    Trollface

    There is an upside, if you're a Linux user looking for decent quality hardware cheap with bricked-up windows ...

  21. SVV

    Windows defender stops Windows 10 from booting?

    Sounds like it's doing its job of stopping malware.

    1. Fatman
      Linux

      Re: Windows defender stops Windows 10 from booting?

      Didn't you know??

      Windows IS malware!!!

      1. shawnfromnh

        Re: Windows defender stops Windows 10 from booting?

        I didn't realize that. I thought it was still classified as spyware. Well ya live and learn.

  22. N2
    Trollface

    Moronsoft

    The gift that keeps on giving...

  23. Howard Hanek
    Linux

    An Epoch Forming Achievement

    Windows 'Defender'

    To reach the apex of the oxymoron pyramid our society has created is a tremendous achievement. Kudos to Microsoft for giving wordsmiths something to aim for.

  24. Someone Else Silver badge
    Facepalm

    Corollary

    The article section header states:

    How do you make a PC super secure? Don't let it boot

    This appears to be a corollary of the old saw: "I'ts not a bug, it's a feature!"

    For Micros~1, it's a design constraint....

  25. shawnfromnh
    Linux

    Alex, I'd like Linux is better for 800.

    Windows will not start.

    That would be why you are happy you left windows years ago?

  26. JJKing
    Facepalm

    Windows 7 and Update Kills USB Ports

    Friend of mine just went to update Windows 7 with 2019-01 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems KB4480955 only to find all the USB ports were disabled. No mouse, no keyboard but was fortunate enough to have a PS/2 port (if I understood his description correctly) and uninstalled it. Thinking it may have been a mistake on his part he ran the Update again and uninstalled it again. WTF is Microshafting us doing?

    I did a search about this and found that this has been happening since 2013 to some machines. WHY?

  27. Long John Silver
    Pirate

    Symptoms of deeper Microsoft malaise?

    Microsoft was founded during a time of great excitement. Personal computing devices were moving from the realm of hobbyists into that of business. There was no standardisation of hardware or software. New choices popped up whilst older ones departed into oblivion or fond memory. Hence the word 'micro' inserted into the new company's name.

    Microsoft was founded by curiosity driven entrepreneurs. Their prior creation of Z80 coded software for a functional version of BASIC might be called proof of concept that small devices can do useful things. It's notable that the initiators of Microsoft did not come from business school backgrounds.

    Microsoft started out as the right company at the right time and entering a virgin market. Its founders' brilliance and foresight made the company a magnet for employment by other talented people. The Microsoft of today is literally a globe-straddling behemoth. Therein, lies what could turn out to be the seeds of its destruction.

    Microsoft grew rapidly and developed a quasi-ethical marketing strategy that's led to near monopoly control over 'consumer' desktop and laptop operating systems together with that of business workstations. Only in the realm of server technology has Microsoft not achieved dominance. Also, forays into the burgeoning mobile smart phone software market haven't got far because Google and Apple had blazed a trail.

    Obviously, in terms of its 'bottom line' Microsoft continues to do very well indeed. It began to look unchallengeable. Yet, as with so many huge corporate entities it long since lost the drive of its hunger motivated entrepreneurial founders. Microsoft is directed by people trained in business schools rather than knocks acquired during attempts at entrepreneurialism. Business school graduates fast-track on pathways leading to CEO positions and in the course of a career may ascend, as CEO, a ladder of increasingly large companies and conglomerates. Modern CEOs, other than the self-made, need know or care little about the nature of products and services offered by their companies. Their vaunted expertise lies in change-management for their company. Size and seemingly guaranteed income through near monopoly powers gives little incentive for change. Risk-aversion sets in.

    The other concomitant of size is constipation in decision-taking consequent upon lengthy chains of command, division into quasi-autonomous sub-units, and geographical separation. These are inimical to creative activity. A paper clip manufacturer can be staffed by dullards with little ill-consequence; so long as clips continue to be required there is not much to think about; it can coast along until the world leaves it behind.

    Microsoft shows signs of bloat (in management and reflected in its code), complacency, and dependence on particular product lines, the key one upon which their other products rely being Windows. That recent incarnations of Windows, particularly '10', offer little additional demanded functionality, and with this at expense of increasing complexity/mishaps impinging on end-users, bodes ill. Windows for 'consumers' is moving from being a general purpose computational platform into some kind of advertising surveillance (perhaps more), 'trusted partner' vending outlet, and entertainment centre.

    Then there is motivation for external 'developers' to consider. Anyone need have dabbled little over the years to grasp the sheer complexity of coding for Windows and how this increases with each edition. The early means of creating and writing into a window was cumbersome and inelegant. In essence that has been maintained but partially obscured by slightly more friendly front-ends such as Microsoft Foundation Classes. A market developed for independent compiler vendors offering supposedly easy means for engaging with a window. Microsoft's latest Visual Studio is a wonder to behold: nightmare or boon according to taste. Adding further complexity is the impenetrable nature of huge swathes of Microsoft code accessible through APIs. That leaves the question of what chunks of code Microsoft has reserved for use only by itself and by 'trusted' software development partners.

    Windows 10 is a disaster. It's a natural consequence of how the business developed. Perhaps it would have been possible to rewrite Windows from the ground upwards whilst its founders still took interest in its daily affairs. It's too late now. Microsoft is moribund despite coasting along in profit. There is no remedy available from business school professors; this because they haven't thought out how a business based on creative activities can retain its intellectual edge when reaching a certain size. Hollywood, its distributors, and similar outlets for supposed 'intellectual property' are in the same bind as Microsoft.

    1. Goobertee

      Re: Symptoms of deeper Microsoft malaise?

      Post written nicely. Compliments to the pirate.

      However, I'm still recovering from having read the first line as, "Microsoft was founded during a time of great excrement."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like