back to article Microsoft patches the patch that broke Windows authentication

Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update. Elizabeth Tyler, cyber security consultant on Microsoft's Detection and Response Team, confirmed the fix to worried administrators early this morning. Yes, fixed and released 19 May. CU: WS 2022 …

  1. Pascal Monett Silver badge

    "patches to fix patches seem to be becoming a little too common"

    Okay, I'll be the first to admit that networking is not always easy, especially when you're a vendor with an uncountable number of variations to handle.

    Still, I stand by the idea that having a Quality Control team to test and wean out the at least some of the problems would go a long way to make these out-of-band patches rarer than they are.

    1. Captain Scarlet Silver badge
      Coat

      Re: "patches to fix patches seem to be becoming a little too common"

      Seems like the original programmers may be long gone, so essential knowledge of how different legacy services are impacted has been lost.

    2. EnviableOne Silver badge

      Re: "patches to fix patches seem to be becoming a little too common"

      seems a little bit of schadenfreude that they managed to lay them all off in an effort to save costs

      1. Dan 55 Silver badge

        Re: "patches to fix patches seem to be becoming a little too common"

        They did save costs, development and QA is cheaper and they pushed costs onto their customers who are affected by patch borkage.

    3. Version 1.0 Silver badge

      Re: "patches to fix patches seem to be becoming a little too common"

      But Windows is designed to be "patched" so this event is just a feature implementation. All "patches" are patched, all features are "updated" ... LOL, you think that data privacy is not a feature of being patched? Just accept the patch policy but don't worry about it because it will be updated.

    4. Anonymous Coward
      Anonymous Coward

      Re: "patches to fix patches seem to be becoming a little too common"

      The May 2020 party addressed serious vulns but also had problems of its own ... and now everyone is saying that it was not a problem, and maybe Microsoft will start saying that we need to review the video of Steve Jobs drinking beer?

    5. Claptrap314 Silver badge

      Re: "patches to fix patches seem to be becoming a little too common"

      They are called "users". Have been for the last... > 30 years.

  2. Lee D

    It's not a "patch" if it does 10 unrelated things and breaks domain controllers.

    1. Steve Davies 3 Silver badge
      Linux

      re: it's not a patch

      agreed. More like a sneak peek of the clusterfuck that Windows is fast becoming.

      Never mind... When Azure hosts all your windows systems this will all be a thing of the past other than 'glitches' like this will mean total TITSUP and MS sticking their collective fingers in their ears and shouting 'read the small print' and denying any liability for their mistakes.

      meanwhile... those of us who saw the runes with W10 and left the ship even before the W11 drone strike will be laughing all the way to the bank and keeping their customers happy

      1. Evil Scot

        Re: re: it's not a patch

        You assume that your bank hasn't adopted Azure.

        Total Software Borkage happens there too.

    2. Brewster's Angle Grinder Silver badge

      I'll give you the ten unrelated things.

      But you know how bugs are - they lay hidden for long enough and other code becomes dependent on the buggy behaviour so that when you fix them, a whole bunch of downstream things break.

      1. AnotherName

        Why not wait for the fix to be tested and proved before releasing it, instead of sticking to an arbitrary schedule of patch releases. It could be a novel approach?

        1. Kraggy

          I find it telling that someone actually downvoted this .. may a Microsfot employee? :)

  3. Anonymous Coward
    Anonymous Coward

    Amazing any thing works

    Application patches

    OS patches

    Switch patches

    Router patches

    ACI patches

    NSX patches

    GSLB patches

    LB patches

    firewall patches

    Mcafee patches

    Solar winds patches

    Umpteen management and reporting systems patches

    Server patches

    Etc

    Etc

    Etc

    And then Microsoft goes and drops the ball so you have to repay him all them servers again!!!

  4. Jan K.

    It's déjà vu all over again...

  5. -v(o.o)v-

    What all the journos seem to be missing is the highly alarming large number of patches like May 2022 that go like this: "this patch will add event log events and registry keys, then in one year the registry key stops working and we force the new functionality. Oh and it works like this because it'll break your Macs, your Linuxes, legacy software, ..." And on top always seem to have critical bugs that make it work not as intended, breaking even more stuff.

    But that is ok, they are just clueless journos and not sys admins.

    I can't believe that this is not being reported on more.

    It is becoming a monthly occurrence and it is a HUGE workload for us.

    1. simonlb

      then in one year the registry key stops working and we force the new functionality.

      Just like they did with Windows 7 when 10 came out. Release an update to remove the option inside Windows Update to review and choose which updates to install so you then have no choice but to accept all available updates. Then release another update to force GWX on your machine which then tries to force download Win10 ready for installation, your machines performance being crippled during download so you think you have a virus or malware. But removing GWX needed registry tweaks as well as removal of the relevant update, so it looked more like malware than an official MS update. And if you managed to avoid that shitshow, for the next year or so there were 2 to 3 times the number of 'updates' to Win7 then there ever had been before, but after each round of updates something else stopped working or the functionality was slightly different. It was almost as if MS were slowly, but deliberately breaking installations of Win7 to force people to move to the abortion which is Win10.

      I really do feel sorry for the sysadmins who have to put up with the regular firefight to keep their Windows based systems up and running.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022