Ransomware
If you pay the crooks will they restore your old data and OS ?
Microsoft remains silent over Windows Server 2025 turning up in the guise of a security update earlier this week, much to the chagrin of affected administrators. On November 5, Microsoft seemingly mislabeled the Windows Server 2025 upgrade with a globally unique identifier (GUID) for updates. The result was that some …
...another Microsoft cockup!
I have but one Windows machine left. My servers have been Ubuntu Linux for years. My laptops are Linux Mint. I just need Affinity to put their graphics suite onto Linux and then I am done with that Windows shit!
Hmm, what' that tune playing in my head, oh yes it's that sci-fi signature tune do dee dee dee
It's not like Microsoft don't have previous for forcing OS "upgrades", labelling them as security updates, designing things so that even after you've said no several times it still installs itself. SWMBO used to say that the only time she used to hear me swear was when forced to sort out her Win 8 laptop.
"Imagine if your electric car – say, a Tesla – received an automatic software update, but you couldn't drive on the new version, until you entered your credit card details to pay the full MSRP once again for the upgrade. Tesla would promptly be out of business, especially since you already paid for the car once."
He'd do it, what's another lawsuit or two, and Tesla customers would still keep coming back for more low quality non self driving rubbish.
This post has been deleted by its author
Don't make the classic error of mistaking the means by which a vehicle is powered with the means by which it is controlled. The only difference between an EV and ICE is how the wheels are turned. Everything else runs off the 12v system, is independent of the drivetrain and is common to both types of vehicle.
In other words, all the threats/fears/scaremongering (depending on your personal point-of-view) about features or even vehicles being disabled by manufacturers or hackers are just as pertinent to modern ICEs as they are to EVs. The attack vectors are the same. All that 'that's why I'm not getting an EV, I'll stay safe with my ICE' is unfortunately an ill-informed false sense of security.
So I’ve recently acquired one of the last Volvos to be completely ICE apart from a small battery that allegedly helps with stop/start (Me to Volvo: I hadn’t noticed). The centre console is Google Automotive. Not only does it control maps and sound, it also controls seat heaters, door locks and hooks into remote start via an app. I’m just waiting for Google to say ‘nah we’re not supporting that any more’. Thankfully the only OTA update I’ve had has been trouble free, but I’ve heard others weren’t so fortunate.
"So I’ve recently acquired one of the last Volvos to be completely ICE apart from a small battery that allegedly helps with stop/start"
I have a Volvo that's completely ICE and only has one computer on board -- the engine performance and emissions monitor. Still runs like a dream after 30 years on the road. No need for crappy code updates, phoning home or "subscriptions" -- everything just works. The only downside is that it now costs some silly dosh to drive into London as its emissions standard has been superseded. But that's just politics..
we screw you. Seriously, I'm all for testing and such, but when such a major fsckup in labeling/tagging occurs, gotta say where's my rebate. Dude, where's my rebate? Now, from my memories of WSUS, I would have staged\approved this update where it was labeled, under windows 11*. It would never have deployed to a server on my watch.
Our team discovered this discrepancy in our patching repository, as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11...
https://www.theregister.com/2024/11/06/windows_server_2025_surprise/
MS wouldn't do this if they were sued every time they screwed up. Everyone just lets them get away with it. If they screw up and it costs you money, surely in America, where there are more lawyers per square mile than anywhere else on the planet, Microsoft would be tapped for millions on a regular basis. Then it would have to do some checks.
And how exactly does an OS self-install? Isn't there the traditional 'Do you really want to do this, you mug?' button and an alternative 'No, shit, no, stop, don't do this' button, that appear before it starts trashing a couple of weeks of your life.
You forget that in the US- even moreso than in many other countries- the larger a company is and the more legal representation they can afford, the harder it is to fight them in court.
And specifically, the general rule in the US, with few exceptions, is that both sides have to pay their own legal fees and "loser pays" doesn't apply.
This means if you're (say) an individual fighting a large and well-off company, then even if you win, you can still be ruined by the legal costs incurred, which will often far outweigh any potential award.
Everyone knows this, including large companies who can- and do- rely upon that threat to turn the legal system itself into a one-sided weapon against smaller opponents and put them off legal action that would otherwise be a slam-dunk win.
The recent update from Ubuntu 22 to 24 LTS had a large number of “do you really want to do this?” checks. Even a W10/11 install has a few of them. How come this update just breezed in and installed itself without a squeak?
... that any business, anywhere, still allows the junk code in the door. It's been what, at least thirty years of this kind of shit out of Redmond. How many man-hours, world-wide, at a cost of how many dollars, have been wasted over this type of thing over the decades?
It's remarkablely similar to the US election. The voters knew exactly the kind of man Trump is and yet still preferred him to Harris despite however many times the Democrats called them stupid.
The world knows exactly what Windows is but no matter all the names you all call them and all the smug condescending comments you post on every Microsoft thread here, the world chooses anything but Linux every time.
Perhaps the problem isn't Windows?
that it's not MS that installed the updates but a third party? "The problem was initially noted by a customer of security business Heimdal"
So MS mislabelled something, that's bad, but it's Heimdal that decided it was a good security patch and installed in automatically.
If I paid Heimdal to automatically manage my server patches it's them I'd be pissed with, not MS. Is there no QA team at Heimdal?
I notice there are no reports of the windows update mechanism installing this package. The bad package label didn't fool MS update, how did it fool Heimdal?
Windows Server 2025 known issues and notifications | Microsoft Learn
Someone else please read this information carefully and see if they are saying they intend to continue the same behavior as it seems to say?
November 2024
Windows Server 2022 and Server 2019 unexpectedly upgraded to Windows Server 2025
Status Originating update History
Mitigated N/A
Last updated: 2024-11-09, 12:38 PT
Opened: 2024-11-09, 12:16 PT
Windows Server 2025 is intended to be offered as an Optional upgrade in Windows Update settings for devices running Windows Server 2019 and Windows Server 2022. Two scenarios were observed in certain environments:
Some devices upgraded automatically to Windows Server 2025 (KB5044284). This was observed in environments that use third-party products to manage the update of clients and servers. Please verify whether third-party update software in your environment is configured not to deploy feature updates. This scenario has been mitigated.
An upgrade to Windows Server 2025 was offered via a message in a banner displayed on the device’s Windows Update page, under Settings. This message is intended for organizations that want to execute an in-place upgrade. This scenario has already been resolved.
The Windows Server 2025 feature update was released as an Optional update under the Upgrade Classification: “DeploymentAction=OptionalInstallation”. Feature update metadata must be interpreted as Optional and not Recommended by patch management tools.
We advise organizations to use Microsoft-recommended methods to deploy Windows Server feature updates.
Next steps: Microsoft is working with third-party providers to streamline best practices and recommended procedures. The visibility of the feature update offer banner can be controlled by setting the target version to “hold” in the Group Policy “Select the target Feature Update version”. We will update this documentation in the coming days with additional information about this group policy once it is available.
Note: The Windows Server 2025 feature update was made generally available on November 1, 2024, as KB5044284, which was the same KB number used for Windows 11, version 24H2. This was the KB numbering for both these client and server Windows updates available at that time. Future updates released for Windows Server 2025 and Windows 11, version 24H2 will share the same KB numbers, but will have different release note sites and links.
https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2025