back to article Microsoft ups the ante with fix-fixing patch that leaves some Windows Server 2008 machines unable to boot

Like a needy ex-partner that just won't let go, Microsoft's legacy OSes continue to cling to the Windows behemoth's ankles. Windows Server 2008 and Windows 7 have once again been bashed with the borkage bat. Users are reporting that the fix to fix the fix that broke the desktop wallpaper in Windows Server 2008 R2 and Windows 7 …

  1. Shadow Systems Silver badge

    MS wants us to move on...

    We want MS to release a stable, fit for purpose, not defective by design, reliable OS that remembers it's *our* computer not theirs, *our* privacy to be respected & not Hoovered up in so much telemetry, & *our* choice when, where, & if at all to apply updates.

    Win7 may be EOL, but it's infinitely better at letting folks get shit done than Win10 has yet to be or may ever become.

    1. Artem S Tashkinov

      Re: MS wants us to move on...

      Not trying to play devil's advocate here but Microsoft does have a stable Windows 10 version. Unfortunately it's not available for mere mortals and its name is Windows 10 LTSC (previously called LTSB). Works just fine, it's rock stable, allows to disable telemetry almost completely using GPO, doesn't contain Play Store and apps.

      1. Spacedinvader
        FAIL

        Re: MS wants us to move on...

        "it's not available for mere mortals" and "disable telemetry almost completely"

        So we can't get it and it still slurps? Shadow System's comment stands.

        1. Artem S Tashkinov

          Re: MS wants us to move on...

          Let's be honest here: the telemetry FUD has not been proven conclusively even once ever since people started talking about it. Microsoft might be collecting the websites you visit but so does your ISP, your government (in many countries) and tier 1/2 network operators.

          I'd love to see a single case where Microsoft has uploaded your files to their HQs behind your back. They do fetch crashed program dumps but normally those are pretty benign. They can theoretically extract, e.g. Firefox/Chrome passwords but that would be a major scandal with very serious financial ramifications (read hefty fines). As for crash dumps, Windows XP/Vista/7/8 have been collecting them for years and no one has been overly concerned so far.

          In short, Windows 10 LTSC can be reduced to "Security" level telemetry which is nothing to worry about.

          1. Stuart Castle Silver badge

            Re: MS wants us to move on...

            I think the problem is that the only people that truly know what Microsoft collect are Microsoft themselves. They are quite vague about the data they collect, and do have a reputation for bending the rules to their own advantage (EG the whole knobbling other people's applications in Windows thing they get punished for in the 90s).

            This, amongst other things, has lead a certain group of people to believe that Microsoft are pure evil.

            Now, I personally don't mind people collecting a little of my info, as long as they provide a service I need. Do I believe Microsoft's claims that no personal information is collected? Yes. Why? Not because I believe that they are inherently good. They are not.

            I simply believe it for two reasons. First, Windows 10 has been out nearly five years. Because of who Microsoft are, I'd be surprised if the Windows Telemetry hadn't been analysed to within an inch of it's life, by various researchers (some of whom are likely distinctly anti-Windows), and because of the amount of people who hate Microsoft, I'd be surprised if any discovery of any leaking of personal information wasn't all over the internet within hours, and at such a level that no legal action could stop it.

            The second reason is that Windows isn't Microsoft's core business anymore. Their core business is cloud computing (through Azure). Very little of their revenue comes from Windows. It's likely that the very same people who make the decisions about a cloud provider are using Windows. If they don't trust Microsoft not to steal their personal data, they are highly unlikely to trust it with their corporate data. That would hurt Microsoft. Microsoft would be stupid to risk that. They are many things, but I don't think they are stupid.

          2. Packet

            Re: MS wants us to move on...

            I am a bit concerned about your whitewashing the past.

            The fundamental issue is a lack of control.

            Crash dumps in pre Windows 10 systems could optionally be sent to Microsoft - you didn't have to.

            Taking away that control is the concern.

            Is Microsoft capturing every keystroke? Unlikely.

            Are they analyzing your sites visited? Yes

            Do they need to? Offer the option to opt out (ideally, make it opt-in)

            To be fair, some of the sites visited can be turned off completely. (don't use Bing, of course, now you have the other evil, Google. Wait - doesn't Cortana use Bing?)

            Privacy, or more specifically, what are they doing with this data, is a big deal that they, among other companies, have to be completely transparent about.

            The Apple model and PR blitz is a good way to do it.

          3. LDS Silver badge

            "the telemetry FUD has not been proven conclusively"

            Feel free to read this, if you didn't before:

            https://privacy.microsoft.com/en-us/privacystatement

            i.e. "Diagnostics"

            "This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns."

            "Optional diagnostic data"

            "Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred). Crash data is never used for Tailored experiences as described below"

            Even MS acknowledges dumps can contain sensitive information.

            Full list here:

            https://docs.microsoft.com/en-us/windows/privacy/windows-diagnostic-data

            And for example:

            "User generated files -- files that are indicated as a potential cause for a crash or hang. For example, .doc, .ppt, .csv files"

            The day someone in EU can prove the system has uploaded sensitive information behind their back MS will be in great GDPR troubles.

          4. katrinab Silver badge
            Flame

            Re: MS wants us to move on...

            If you want proof, I could send you my pi-hole logs

          5. a_yank_lurker Silver badge

            Re: MS wants us to move on...

            The outrage over telemetry is about users having control of their boxes. Ultimately the owner should have the final say as to what is done on their boxes. But Slurp deigns to think just because you are using Bloat they own your boxes. It really does not matter how much or little they collect it's about ownership.

      2. dak

        Re: MS wants us to move on...

        "allows to disable telemetry ALMOST completely using GPO" - and there's the problem, right there.

      3. Roland6 Silver badge

        Re: MS wants us to move on...

        >but Microsoft does have a stable Windows 10 version. Unfortunately it's not available for mere mortals and its name is Windows 10 LTSC

        But given a key issue is having the correct version of the servicing stack, I suspect only builds of W10 LTSC released subsequently to the 2019 servicing stack update - and thus fully supporting the use of SHA-2 code signing can reliably considered as being "stable".

    2. Anonymous Coward
      Anonymous Coward

      Re: MS wants us to move on...

      Yup, Win7 is infinitely better!

      So long as you don't want to shutdown or reboot.

    3. This post has been deleted by a moderator

      1. Danny 14

        Re: MS wants us to move on...

        And yet something as simple as a cascading start menu has regressed to a flat mess. Install something as simple as sql server and look at the unordered mess in server 2012+

        Why they couldnt just let you put things in cascading folders is beyond me. Have multiple versions and you cant even use search to mitigate as that gets even worse.

        2008 was worth price if admission for that alone.

  2. Dabooka
    Pint

    Top sub-headline that.

    Well done.

    Very well done.

  3. asdfasdfasdf2015

    unable to boot

    wouldn't that also mean you are unable to apply the patch?

    1. DJV Silver badge

      Re: unable to boot

      Yes, but even if you do manage to apply it, it will, no doubt, clobber something else without mercy that their beta testers* didn't find whilst the patch was being produced.

      * Oh wait, WE'RE the beta testers so of course it won't be found until after MS release it...

    2. phuzz Silver badge

      Re: unable to boot

      Boot into safe mode and remove the last patch. We've all had to do it from time to time...

  4. Lee D Silver badge

    Reason #12497438 to not have Windows Automatic Updates turned on to automatically apply on whatever schedule they like.

    Oh... but with Windows 10 you don't get a choice... because... feck-you-why?

    1. This post has been deleted by a moderator

      1. Danny 14

        Oh i didnt know you could right click an update and ignore it. That was useful when MS released faulty updates.

    2. MrBoring

      To be fare, this time if users left on auto patching, they would have received the prerequisite uodates from 2019 - Alot of these reports are coming from people who use SCCM etc for patching and think a CU update should contain everything you need.

      Its all a great big balls up for sure.

    3. phuzz Silver badge

      Disable auto-updates, miss the SHA-2 patch from last year, try and install a random update manually, and then complain that it's Microsoft's fault it fucked up.

      Sounds like a fun time.

      1. Michael Wojcik Silver badge

        It is Microsoft's fault. Windows Update should be able to tell you that you're missing a prerequisite. Failing that, it should check to see that it can verify all the signatures before starting the patching process.

        Windows Update is a remarkably broken system, as anyone who's ever ended up with a mysteriously corrupted catalog can tell you. (And based on online questions and complaints, this happens a lot.) Or anyone who's ever had it report an "unknown error" with an error code that's straight out of WinError.h; Microsoft's WinUp team apparently can't even be bothered to call FormatMessage.

        And Microsoft's handling of updates is crap, issuing vague "this fixes a possible issue with something" updates that lack any useful information.

        And then there's the Win10 auto-rebooting, which frankly makes the OS unfit for purpose. (Yes, the "metered connection" workaround can prevent that - until you connect to a different network and forget to enable that setting again, or your organization overrides it with a group policy setting.)

  5. Reg Sim

    love that Title.

    What a killer sub heading, it drew me in like an old lady that swallows flys and swallows spiders to catch 'em.

  6. samzebra

    Easy Fix!

    install Linux CD, power up and install...

    1. Anonymous Coward
      Anonymous Coward

      @samzebra - Re: Easy Fix!

      Do not disturb them, Windows people actually enjoy being abused.

    2. ovation1357 Bronze badge

      Re: Easy Fix!

      Which is the exact fix I just applied to my mother's laptop after she told me she was concerned about using her online banking because of security warnings coming up to warn that Win7 is now dead...

      As she's quite technophobic I was a little hesitant but she did express that she really didn't want Windows 10...

      And as it happens her main applications are Google Chrome, LibreOffice and Thunderbird so I went ahead and installed Ubuntu 18.04 MATE edition, popped it into 'Redmond' mode using Mate Tweak and set the desktop background to the same one she'd had in Windows.

      It's been about 3 weeks now and I've not had one single call for help from her. I didn't even see her in person to give a brief introduction - she got the laptop and a message telling her the password. I rang her the next day to talk her through the basics but she was already fully up and running with it and didn't need any help.

      So, yes! In many cases a great alternative fix to fix the fix with be just install Linux instead and never use Windows again.

    3. Anonymous Coward
      Anonymous Coward

      Re: Easy Fix!

      Thanks that'll be really helpful on my Win 2008 server running some accounting software that's not supported any more.

  7. Nate Amsden

    Why did MS stop doing service packs?

    I mean they still have them but they seem to be really rare(and serve more as feature packs). I remember back in the NT days a service pack was typically just a rolled up collection of fixes in one big file. I think you could even extract the big file into the individual fixes if you wanted(never tried that myself).

    I know that a few years ago(?) MS changed their updating scheme to provide more roll up style patches where everything is included in one patch at least for that given patch cycle in theory.

    Since Win7 went EOL recently, in the past week I have been going around my home windows systems and VMs that run windows 7 (which is 7 I believe, the only other windows OS I have is XP on a dual boot laptop for games that I haven't touched in 18 months). Most of these systems get very minimal use, and probably spend 90% of their time turned off, so they don't get patches often. Probably 2-3 hadn't seen a patch in over 2 years. I patched them all, but on at least one occasion I was quite surprised that the OS at one point felt it was up to date when I knew absolutely it was not. It said no updates to apply even after forcing it to check again. Only after I manually deployed that servicing stack update (from march 2019 I think), did the system then realize that hey there were more patches after all. There are other patches that fail to install if the servicing stack update is not applied(why the servicing stack update isn't applied automatically in advance, or included with the patches in question I don't know since they don't install without it). At the end of the day it didn't matter to me if these got their patches as the risk is so low (haven't had a known security incident on my home systems since maybe 1993). The "OCD" in me just wanted to get them their last patches.

    I just feel it would of been nice for MS to release a service pack that one could download as one big EXE, that had EVERYTHING (for that OS). Something that could take a windows 7 system from any patch level to the most current. Maybe the patch would be 5GB in size I don't know. But it would be simple, wouldn't have to wait hours and hours sometimes for windows update to look for updates, or track down forum posts to try to figure out why a weird update error is occurring, or in some cases like above why the system says there are no updates when you know there are. Same of course goes for XP and all of their other OSs. Would be nice if there was just a service pack released every 6 months that had everything, then at the end of the life cycle release one more. Make the service pack easily searchable and downloadable from Microsoft's site.

    Another thing this big service pack would eliminate is the need to install patches, then reboot, then look for new patches, install and reboot. I wish windows update would just download everything it needs in one go even if it requires multiple reboots to install. I did in fact see more than one windows 7 reboot twice during a patch upgrade so they have the ability to even do that, install everything at one go and just reboot as many times as it needs to get it all in one cycle.

    In my recent patching I found it odd how windows update would say it wants to install for example April 2019 rollup security patch and then the next rollup it wants to install is Jan 2020. I saw that (month may of been off) on multiple occasions. Did it actually get all of the patches? It claims to have them all but I really don't know how to tell for sure.

    Linux has been my desktop/server of choice for almost everything since 1997, so windows is of course not my primary OS but I do still use it daily(in VMs).

    Not sure when I'll consider again moving to windows 10, I have no win10 systems today but have poked around with it a bit in the past. I'd be more open to win10 if I got a build that would just stay stable for 5 years(they have the long term support builds but as far as I know those aren't available for consumers).

    1. J. Cook Silver badge

      Re: Why did MS stop doing service packs?

      That is a very good question.

      the last two windows 7 machines I built, I had to manually pull down a half-gig rollup patch, the 'servicing stack' (aka newest version of the windows update code), and a half-dozen other patches manually in order to get the update functionality to kick start itself.

    2. Roland6 Silver badge

      Re: Why did MS stop doing service packs?

      I just feel it would of been nice for MS to release a service pack that one could download as one big EXE, that had EVERYTHING (for that OS). Something that could take a windows 7 system from any patch level to the most current.

      Well you can roll your own by downloading WSUSoffline and setting it to build a Win7 update archive.

      It seems to capture most of the updates, as a final check run against WUP tends to result in a few further updates being advised.

    3. swampdog

      Re: Why did MS stop doing service packs?

      More interestingly, why most folk keep being surprised by this EOL breakage. It's been happening since win2k (when they refused to give it whatever version of DirectX was going into XP). M$ said it wasn't compatible and were soon proved wrong by someone who retrofitted that new DX into win2k. I remember trying it myself and it worked fine.

      I shouldn't be, but was actually amused to see the "m$ strongly recommends using win10 on a new PC.." on the win7 EOL page. A "new PC" eh? 16gig ram, 8 cores and same vid card as the missus' win10 PC (6 cores 8gig ram). Okidoki m$, I'll do that just as soon as this win10 VM gets past its 09/2019 update: I know its unregistered but you said that's okay. After all, it's only there as a safety buffer against letting the missus' win10 patch itself immediately.

      With win7 EOL I can finally turn off win2k8 server which doesn't need an EOL because it came with built in DIL (During Its Life) wierdness. It's only job has been as a wsus server and my gawd has it pissed me off.

      There's only two m$ operating systems which didn't suffer wierdness at EOL: the aforementioned win2k and win2k3 server which I VM'd 'cos it has m$ publisher on it, the only m$ app I've ever enjoyed using.

  8. Gnoitall
    FAIL

    It's all turning very Monty Python, with all the fixing and the fix-fixing and the fix-fixing-fixing.

    I'll wait for the llamas before I install that update.

    1. The Oncoming Scorn Silver badge

      This Is Your Fault!

      Bravely patched Sir Robin

      Downloads from Microsoft.

      He was not afraid to apply,

      Oh brave Sir Robin.

      He was not at all afraid

      To be pwn’d in nasty ways.

      Brave, brave, brave, brave Sir Robin.

      He was not in the least bit scared

      To be worked well into the night.

      Or to have his histories 'mailed out,

      And have his desktop broken.

      To have his backups quit

      And server restarts all day,

      Brave Sir Robin.

  9. Anonymous Coward
    Anonymous Coward

    Full Windows privacy

    Apply the fix.

    Throw useless PC away.

    Privacy achieved.

  10. Anonymous Coward
    Anonymous Coward

    timely updating?

    "In a nutshell, users must have the 23 September 2019 (or later) SHA-2 update installed as well as the servicing stack update from 12 March 2019 "

    So you should have installed a patch from 6 months ago on top of a patch from a year ago? And some people haven't done that....

    Perhaps it's changed from back in March previous but I've noticed recent Servicing Stack updates don't need reboots after installation.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020