It's Patch Blues-day: Bad October Windows updates trigger BSODs Microsoft's October batch of security patches and bug fixes caused some corporate PCs to suffer blue-screen-of-death crashes when starting up this week. The Redmond software giant has fielded multiple complaints on its support forum from system administrators, who said the KB4041676 and 4041691 updates are making their …
"MS is REALLY getting worse."
Yes. They've been getting worse for a number of years. It's been pointed out to them. At times, they've even accepted it. They haven't been able to change. That's the story here. It will rumble on for another 5-10 years and then it won't matter because MS won't be a significant player in the industry anymore.
I only hope that Bill's managed to philanthropize all his billions before they disappear.
I only hope that Bill's managed to philanthropize all his billions before they disappear.
Don't worry 'bout poor ol' Bill!
As soon as he was able, he shoveled MS stock out the windows (Fnar) as fast as the SEC would let him.
He only holds a token amount now.
Actually, if you follow the links in the site linked above, a lot of the actual investments seem to be in Canada, not the US; Maybe Ol' Bill knows something we don't (or only suspect)? ☺
(Sorry, I suppose this reply shd have pointed to the OP)
I have to inform you that Ol' Bill has been out of Microsoft for several years, and (probably) only shows up for board meetings. He and Warren Buffett are too busy trying to eradicate Malaria than to be much concerned with MS.
Good news! Even Steve Ballmer is not around much any more. And the office furniture is now in much better shape.
Your news of the world seems dated. I bet you're even using XP, right? Or did you finally upgrade to Windows-7?
I would say that Bill, and Warren are well on their way to a Nobel Prize. Heck, if Bobby (only women bleed) Dylin' can win one, almost anyone can.
.
> Love that it's the sysadmin's fault for the cockup and not because Microsoft laid out some poor planning...
Sysadmin is responsible for testing patches before they're rolled out into userland, especially on mission critical systems. Nobody should think it is ok just to push untested patches and then point the finger at the vendor when systems go down.
"You should never have delta updates in WSUS. It was a 'whoops'."
A multi-million dollar cock-up that affects businesses around the world caused by a multi-billion dollar company, and they just say "whoops"? Might as well as said, "We're Microsoft, what're you going to do about it?
Someone's over paid arse needs a severe kicking!
What breach ?
The EULA specifically absolves Microsoft of everything that can happen to your machine.
The only way anyone could sue over Microsoft's repeated failures is to attack the EULA and get the part that absolves MS of any problem off the EULA.
THEN we get to sit back, grab a jumbo popcorn and watch the dogpile.
Micro$luts screw up another patch. Not exactly news nowadays.
I'm waiting for the news article
"Patch Tuesday completes flawlessly, Sysadmins able complete real work due to stress free day"
Though this will happen on the same day I win the lottery, My unicorn gives birth to a gold egg laying goose and the business users are able to articulate a full set of requirements well in advance of the due by date (unicorn giving birth is still more likely i think).
"clear the cache on WSUS servers" - WTF.. is he crazy? What has he smoked?
The WSUS caches on my servers are 200+ GIGABYTES on each server. One of them is configured to download express updates instead of normal... that one has a regular WSUS cache of about 900 gigabytes just by itself.
That cache flush would mean re-downloading terabytes of data just to fetch ~99% of the same data that the servers already have and it will take almost a week for the caches to recover.
clear the cache on WSUS servers" - WTF.. is he crazy? What has he smoked?
The WSUS caches on my servers are 200+ GIGABYTES on each server.
A demonstration of how one ill thought out comment could cause the whole internet to grind to a halt. You couldn't make this up.
You should never have delta updates in WSUS.
So you have two types of updates. You write a computer program to process updates - which should only ever receive one of those two types.
Isn't engineering 101 to 'check' which type of update it is, and if it's one you haven't explicitly coded to handle, you reject it/skip it?
Then again, here in OZ they keep building tunnels without putting in safety gates - you know a 'cheap' steel (upside down) U shape thingy set at the maximum height for vehicles? The idea being rather than a 3m vehicle ploughing into a 2.6m tunnel and causing major delays and days of remedial roadwork - the truck can hit the gate and be safely/easily moved to a slip road and leaving the tunnel itself undamaged. So if actual engineers no longer do basic safety, it's little surprise software engineers just ignore it altogether.
I'm sure that by reducing the total project cost by 0.01% and skimping on Engineering 101 some middle manager got a whopping great bonus and promotion. Well done. You're totally awesome. High five! Rock Star!
a 'cheap' steel (upside down) U shape thingy
Yeah that dosent sound too much to ask. But if it is , you could achieve the same with a chain strung across the road at that height with dangly noisy things on it , or , at a push , a sign displaying max height.
None of that will help. Google 'low bridge fail' for lots and lots and lots of examples.
You'd think they'd have come up with some sort of better solution to this sort of crap by now. People don't read street signs reliably, and it also seems that most folks are even worse at judging height than they are at judging distance.
https://www.youtube.com/watch?v=USu8vT_tfdw (this bridge has been wrecking havoc for years at ~3.5m!)
Nah, mermaids would be far more useful. Especially if they were immune to pressure so didn't have to decompress after a mere hour at >150 feet. Although I am not sure what other adaptations would be handy, if their biology is similar to ours then vision would be optimized for green light so "Cut the black wire with the yellow stripe, not the yellow wire with the red stripe" would end badly.
I'd expect language to be a minor inconvenience as intelligence would be high enough to understand basic concepts such as "this bolt goes here" etc. and reading a diagram.
Did you know that dolphins have really bad eyesight? Literally you can shine LEDs at them and they won't even see them if the wavelength is wrong. Their vision is similar to dogs but they lack a key eye component so can't generally see details but make up for it with SONAR (even to the extent of being curious about pregnant women or so it is said)
Hint: If they ever found a phone it would run out of battery power long before they figured out what it was, also induction charging does work under water but not very well.
The matching is optimized for air y'see.
I suppose a dolphin would probably be able to turn the phone on and off using sonar pulses but someone needs to test that.
https://www.livescience.com/38087-can-dolphins-detect-pregnant-women.html
8087-can-dolphins-detect-pregnant-women.html
Wolves certainly can.. (went on a 'walk with wolves' - hand-reared wolves that can't be released into the wild because they are habituated to humans. We were told in advance that women who were pregnant should not turn up to meet the wolves as the wolves can always tell and show a *lot* of interest in said women).
They also seeming like the smell/taste of people that have pets - my wife and I both got licked on the hands by the wolves when we got to meet them - the only people in our group who did.
I suspect it might have been along the lines of "I like the smell of these - I'll eat them first" kind of a lick.
Interesting factoid: despite many of the important markers being different human pregnancy tests do work on certain monkeys. NOT: horses, cattle, sheep, goats or most other large mammals.
Also relevant: the pheromone wolves and dogs detect is actually unknown to science and a Nobel is probably waiting for the scientist(s) who figure this out as it could provide a valuable fetal health indication.
Pretty sure that its more than one actually but we lack the ability to consciously detect it, with our sense of smell being very primitive and all those extra neurons being used for abstract thought instead.
I am getting bored, testing for Microsoft.
Well, when it goes bad, here is the fix.
cut power to computer and turn it on, so it goes into safe boot.
use advanced, till you can make ity repair upstart, takes 5minutes, then it boots fine again.
Easy, but difficult to explain to computer illiterate users. :-(
Easy, but difficult to explain to computer illiterate users. :-(
Not so hard really.
Just say, :Windows FUBAR'd* everything again, and I need to start the machine from scratch."
They'll nod knowingly. and go about their business.
*Really dictionary, Firefox doesn't know FUBAR!? They perfected it on the browser after Internet Explorer passed the torch!
This is not just on WSUS machines. We do small business support and have customers who have the problem on standard 10 pro upgrades from 7 pro.
For all the people who say techs should test updates: this would be great, but Microsoft auto rolls out patches on 10 unless its a copy of windows10 enterprise.
This is of course stupid hence I tweeted today on #windows10updateisstupid It would be great if this got some support.
Cocked up patches would be more palatable had Windows 10 not embarked on the idiocy of forced updates. Should have let the techies, real qualified testers and the braver souls dip their toes in the water first.
Microsoft's patches are getting from bad to worse, and I presume that SatNad had downsized/outsourced his QA team ever since taking the helm at Microsoft. Crowdsourcing to the bunch of clueless hipsters known as 'Insiders' also didn't help.
'Ship it first, fix it later' is lazy and irresponsible, and I hope SatNad and Microsoft pay a dear price for this in due time.
There was a paper at the Chaos Computer Conference (the big German hacker convention, at the time in Hamburg) a few years back which had been devolved from its original content to "How Microsoft Fucked up Updates". The presenter at one time said: "Would you trust a company that does THIS to maintain production relevant machinery?"
The biggest slap in the face is that Microsoft is about to ask for MORE money for exactly the type of deployment they fucked up now. Since when does one has to pay MORE for substandard work quality? It's more like a protection money racket.
BSOD are the equivalent of a kernel panic - if something goes really wrong at ring 0 the system stops - the functionality have to exist to protect the system from bad code.
Years ago they were more common, especially because of lousy drivers - the older driver model required much more third-party code running in kernel space.
I can now breath more easily.
For some reason remote site's WSUS did not update as it was supposed, to, and its last update was done in August this year. Whoops.
So we dodged a bullet here.
Still pissed at M$ for allowing this sort of cock-up to happen.
By the by, how do you delete those two specific updates from WSUS using powershell?
"By the by, how do you delete those two specific updates from WSUS using powershell?"
Something along the lines of this:
https://blogs.technet.microsoft.com/sus/2016/01/29/how-to-delete-upgrades-in-wsus/
and some more powershell/wsus stuff (i like the title)
http://www.tomsitpro.com/articles/powershell-windows-software-update-services,1-3509.html
https://www.theregister.co.uk/2016/09/30/microsoft_exam_scoring_changes/
I'm just going to guess that whoever at MS is responsible for testing their update roll outs was a "victim" of the Cert Exam changes made last year.
Their high scores in the "Bum Kissing" section overcame the low scores in "Attention to Detail".
Eventually, the company I work for (< 50 machines) is going to move to a relatively homogenous windows 10 environment... but I'll be actively resisting that until we're able to wrest control of updates from Microsoft. I can't imagine managing a Windows 10 corporate environment without WSUS... well, actually I can, and it seems like some shit Dante might have written.
but I'll be actively resisting that until we're able to wrest control of updates from Microsoft.
Firewall off all the MS domains/IP's at the gateway, let it connect the week after "patch Tuesday" when you know if you'll have problems or not?
(give yourself some good perimeter defences etc to help mitigate the 0-day risk as well (if it is possible to actually harden Windows enough for that)
The latest patches don't just screw up WSUS - they also cause havok with some database connectors - especially ones that connect to Excel (for reports etc.).
KB4041676 tanks Win 10 machines, KB4041681 and KB4041678 do the same for Win 7.
The error is: "Unexpected error from external database driver(1)"
I had to quickly write a batch file to uninstall these updates at logoff to get rid of the offending updates.
Hope this helps someone who is stuck in the same position.
"Those updates was never intended to show up in...
I sure we've heard this a few times lately, though of course ICBW,
Nystrom recommended administrators whose machines are afflicted with the bad updates, released on Tuesday, remove them using either PowerShell or the DISM app.
Yup, F8 for the boot menu, into safe mode and.. FUCK YOU MICROSOFT!
(Thank the Lord I'm not longer needing to deal with this stuff!)
Regarding your comment in the article about "KB 4041676" not causing glitches for home users:
my HP Pro book installed the update 8 or 9 times (By now I have lost count) only to immediately reboot again and uninstall it.
No BSOD but all the pc does is install-reboot-uninstall-reboot and send me to a web page that says "Tell us how good we are(n't)"
No help but to DISABLE AUTOMATIC UPDATES THROUGH THE SERVICES WINDOW.
I keep telling myself to stick with Linux or just go back to DOS. I STILL HAVE ALL MY NEEDED SOFTWARE FROM MY 8088.
Ran into this earlier this year. The Delta/Full is a giant pain for customers. Developed automation for enterprises as covered in this blog.
https://www.systemcentertools.com/single-post/2017/12/01/Resolving-7B-BSODs-related-to-Microsoft-CUs-for-the-Enterprise-Part-1
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
