Microsoft Pulls Broken XP Update 478
Cally writes "Yahoo! reports that
Microsoft have pulled a Windows XP update from the Windows Update servers after it killed network access for some users of the claimed 600,000 who installed it. (Does this mean only 600,000 XP users trust Windows Update?) The story hints that the problem was something to do with VPN or IPSec drivers clashing with Symantec software - however I haven't found anything about this on the Microsoft KnowledgeBase (the link Yahoo provide goes to the generic support home page.) Anyone got more info?"
updated link (Score:4, Informative)
updated clickable ..... (Score:4, Informative)
Time to think about Mac again? (Score:5, Interesting)
When Apple comes out with their new PPC 970 systems I will be first in line to buy one. I dont like what I see coming down the Microsoft trail re DRM and all the spying going on. I liked my G4 when I had it but it was so slow compared to my windows box I sold it. Seems like Mac maight make a comeback, I'm sure I'm not the only one thinking this way. But there's no way I'm buying a G4 unit.
Re:Time to think about Mac again? (Score:3, Interesting)
I have an XP box. I use it to play games, and for media, it works great. BF1942 crashes, but aside from that the machine never crashes. I use Windows Updater (that prompts me) constantly. I got the notice for this update, and skipped it for some reason. Glad I did.
In the last 6 months since I've had this machine, I have downloaded every update and installed them without any concern or issue. That is prett
The Fix (Score:5, Informative)
When the update occurs, XP makes a new restore point.
If you are ever having problems after an update... just roll the system back. Easy.
Restore Point Link [bcentral.co.uk]
DavaK
windows update (Score:5, Funny)
Do they have any sort of quality control?=)
Re:windows update (Score:3, Insightful)
Does this mean only 600,000 XP users trust Windows Update?
Probably only 600,000 users actually bother to use the updates. I know any number of people who just use the software that came on their Win98 CDROM, it never even occurs to them to update their software. Like all the academics at my university using Netscape 4.7x with MacOS 9.1.
Re:windows update (Score:3, Interesting)
You know, there ARE other reasons not to join the upgrade ratrace..
Re:windows update (Score:5, Interesting)
Ummmm, yeah!
People think of a computer like a machine. Like a car, or a boat.
Do you take your car in to have the Catalytic converter "upgraded" every year?
Do you subscribe to an "update service" to update the embedded firmware on the onboard computer?
Why would you do this? Why should they?
Re:windows update (Score:5, Funny)
!= ("Not!")
Sheesh... I'm gonna quit my job and start a new thrash band called Rage Against The Butterfly
Re:windows update (Score:5, Funny)
Yes, they've got a huge installed user base that reports problems very quickly... why should that pay people to find bugs, when there are 600,000 people willing to pay them for the priviledge of beta-testing their software?
Re:windows update (Score:3, Funny)
Without the Tandy Color Computer none
Re:windows update (Score:4, Insightful)
I mean, think about it
If it were such a "simple error", it would have happened to ALL of the 600,000 people who downloaded the update. Crap happens. QA isn't an exact science -- there is no algorithm you can follow to make sure you find 100% of all bugs in existance. The best you can do in this case is find the problem and make sure you test for it in the future.
If only they had apt-get (Score:5, Funny)
Re:If only they had apt-get (Score:5, Informative)
sub=dists/latest/binary-i386
dt=`date +"%y%m%d_%H%M%S"`
cd
dpkg-scanpackages latest
grep -Ex "Filename: latest/.+" $sub/Packages | sed "s/Filename: latest\/\(.*\)/\1/" > old/L$dt
pushd $sub
rm Packages.gz
gzip Packages
popd
mv latest $dt
mkdir latest
for x in `cat old/L$dt`; do mv $dt/$x latest; done
if [[ `ls $dt | wc -l` -eq 0 ]]; then rm -r $dt; fi
If it blows up, I can easily roll back, and keep a history of all the intermedate versions.
Re:If only they had apt-get (Score:5, Funny)
Your code looks very interesting, and would make a fine addition to the new Windows version of apt-get which I have almost finished writing. It is crafted in MMX/SSE accelerated x86 assembler, so it runs really fast! You will, however, need to port your nice Java program to assembler. I am also looking for people to help out with the GUI front-end to win-apt-get, which is based around a helpful paper clip character called 'Klecker'. When the user requires an update, they 'Klick' on 'Klecker', and he helpfully tells the user to "Fuck off and read the manual you filthy Windoze luser", or to "Take a fucking number and wait for win-apt-get stable to be released in 2017".
Re:If only they had apt-get (Score:3, Insightful)
Just a thought.
Dave
Re:If only they had apt-get (Score:5, Funny)
subreality@underminer:~$ apt-get cure-world-hunger
Your ports tree can't do that. No wonder BSD is dying.
Re:If only they had apt-get (Score:3, Funny)
Works like a charm here.
Re:If only they had apt-get (Score:5, Funny)
/home/tres:$ sudo pkg_delete osama_bin_laden-1.2
oops...pkg_delete: couldn`t entirely delete package (perhaps the packing list is incorrectly specified?)
well then, we have:
pkg_delete: couldn`t entirely delete package (perhaps the packing list is incorrectly specified?)
hmm... well we couldn't get those done right, but we can fix some other things:
/home/tres:$ cd /usr/ports/us/liberty /usr/ports/us/liberty: $ make install clean
...
I know it was there just a little while ago. grr...can't find dependency: bill_of_rights.so
Ha! I know how to fix it!
/home/tres:$ sudo portupgrade president-43_b
Oh yeah! Try that with apt-getLink has a typo. (Score:3, Informative)
http://support.microsoft.com/default.aspx?scid=
Re:Link has a typo. (Score:2, Informative)
That's the problem with automatic patching (Score:5, Insightful)
At least this patch made it perfectly obvious that it had a bug.
Re:That's the problem with automatic patching (Score:5, Informative)
Re:That's the problem with automatic patching (Score:5, Funny)
Re:That's the problem with automatic patching (Score:3, Funny)
Sure you can! Don't you know that 90% of all security vulnerabilities lie between the chair and the keyboard? The Third Generation Security Patch eliminates this vulnerability by shorting the powersupply to the keyboard before it destroys the computer.
-
Re:That's the problem with automatic patching (Score:3, Insightful)
Not easy to do.
Think about it. QA on Linux has the advantage that the first "users" of any new module/driver/system are actually developers and other savvy users. Many bugs get worked out relatively early -- certainly before they get rolled into a stable distribution.
The Windows OS has to support a nearly infinite variety of hardware, and. It doesn't have the same first-tier of support. Sure, it has beta testers, but, by and large, they aren't developers. They certainly can't tweak the source
Why is this news? (Score:3, Insightful)
I'd say it was a slow news day, but it ain't even daytime yet.
Re:Why is this news? (Score:5, Interesting)
Re:Why is this news? (Score:5, Interesting)
This is somewhat minor compared to losing network access, but only somewhat. This sort of thing happens often when OS updates move from the lab to the real world, and the fact that Microsoft responded the way it did should be considered a virtue rather than a vice.
Re:Why is this news? (Score:5, Informative)
But you're right, this does remind me of the kernel-that-never-should-have-been. I don't remember the version number (it was in the 2.4 series), but it was the one that corrupted your drives when you unmounted them. Of course, IIRC, that kernel wasn't pulled, the next version was just released very quickly. You can still get that kernel version if you really want to corrupt your data
greased turkey (Score:3, Informative)
Re:Why is this news? (Score:2, Insightful)
Hmmm....I wonder why... (Score:5, Insightful)
Maybe because they couldn't get online to report the problem???
Re:Hmmm....I wonder why... (Score:5, Interesting)
Which is not to say that automatic update is not a potential source of major problems. QA needs to be really good for something like this, which it clearly was not.
Old news (Score:5, Insightful)
Re:Old news (Score:2)
But can your company go without the newest update to Microsoft Barn Raiser for that long?
Re:Old news (Score:4, Funny)
and
"Don't be so arrogant."
Let me introduce you to the concept of irony.
Not News (Score:4, Interesting)
In real life, people don't trust MS patches until they've tested them on their own systems with their own application mixes.
Until MS raises their quality assurance and testing to a higher level than it is now, knowledgeable system admins, responsible for managing lots of Windows systems in their environments, will continue not to trust Windows Update.
Re:Not News (Score:3, Funny)
More Slashdot Sensationalism (Score:5, Insightful)
What do you think is more likely: "only" 600,000 people trust Windows Update or everyone else just hasn't patched for checked for patches yet? I personally don't use the little auto-notification thingie, I just check every once in a while.
Also, how is this different from any automated Linux update method? Software has bugs. Patches may have bugs. Regardless of vendor, patches are not perfect and may induce problems.
Agree or disagree with me, when you think about it without bias it's true.
Re:More Slashdot Sensationalism (Score:4, Insightful)
I'll agree with you on the bias issue. Slashdot for all I can remember (which is a couple of years) was not pro-microsoft. I'm not speaking for anyone, just stating a fact.
But there is a difference between Microsoft and where with Windows Update, you have paid for the update service, and you should expect at least a minimum of Q&A done to a patch. With Linux, well... I can remember some packages I installed in which they gave you a very explicit warranty : This might screw you up, we're not responsible if it does.
I've always installed packages on Linux with this in mind. This might not be the best mentality if we really want Linux on the desktop, but at least, I know what I'm getting myself into.
MS Update makes it seem like everything was double-checked for you, and all is well and good to install... MS even goes so far as to recommend URGENT patches, which may or may not leave you worst off... And this you (should have) paid for. So yes, there is a difference, bias or not, since I paid money for my MS release, whereas my RedHat is downloaded and free... So yes, I should expect working patches from MS, and not expect RedHat to give me the time of day if they dont feel like it.
'nuff said.
Re:More Slashdot Sensationalism (Score:5, Insightful)
I assume your speaking of paying for Windows XP when you say that you've paid for the update service, or else someone really ripped you off. If that is indeed what you are referring to, then I have an issue with Mandrake, Red Hat, and SuSe because I did pay for them (support the cause and all) and although you say "I can remember some packages I installed in which they gave you a very explicit warranty : This might screw you up, we're not responsible if it does. " -- this is exactly what Windows Update says in it's EULA.
So, I would say that Microsoft does a better job in this aspect. Also, you're going to knock Microsoft because they are pro-actively getting people security updates? Wow, this seems to me like a better way, because we all know that many exploits have actually been patched, it's the sysadmins who don't patch their systems that get hacked.
I know we're supposed to be Anti-MS here and all, and I generally am, but please, don't throw out logic and reasoning when attacking the giant.
Re:More Slashdot Sensationalism (Score:4, Insightful)
You're correct, but one of the reasons Microsoft has given in the past for being slower on security updates than the Open Source community is that they have a much more rigorous regression testing procedure that must be run before release. The idea is to make sure that something like this never happens. It is one of the ostensible reasons that you pay so much more for Windows. If the extensive test procedure is no better than Red Hat's or SUSE's, then that proposition kind of goes up in smoke.
Lots More Slashdot Sensationalism (Score:5, Insightful)
Its not. Well, this wasn't automated, it had to be downloaded from the windowsupdate.com site, but I think we're just seeing something of a double standard here.
Okay
What really gets me is that whenever there's an MS problem the
MS's automated patching system isn't bad, it keeps Joe User updated and there simply will be x amount of problems over y amount of time, as you said just like with any other vendor.
Enjoy the schadenfreude guys, it'll just make real MS complaints sound all the less convincing. Optional supplemental reading: the boy who cried wolf.
Crying wolf is a big problem when criticizing MS to the uninitiated. I have the displeasure of taking a 3 hour class with a rabid anti-MS type and at this point no one takes him seriously because of his zeal, even though 2/3 of the stuff he says are actually excellent points.
Engaging in simple-minded schadenfreude simply makes people look less credible. Seems like a tough lesson to learn for the loud-mouth anti-MS types.
Re:More Slashdot Sensationalism (Score:2, Insightful)
Re:More Slashdot Sensationalism (Score:5, Insightful)
If (insert your favorite distro here) releases a bug fix, its generally well documented, you get the source if you really care, and you can know exactly whats going into your system.
If MS releases a bug fix, the only way to retrieve it is through Windows Update, you don't know what else they slipped in, you often must have all the other service packs/hotfixes installed first, and (this is the really irritating part) it may change your EULA if you choose to install it. If you don't accept the new EULA, you don't get the exploit-fixing critical update you must have to keep your server clean.
I like and use both MS products and Linux, but severly dislike MS's tendency to grab as much control as they can get away with. They grab until there's a user backlash and either ignore it or back off just enough so it looks to the press like they're the good guys for making a concession.
Palladium Pre-Testing (Score:3, Insightful)
But that would leave a major gap which, according to this story, has been admirably filled.
Trusted computing - only trust the worms written and distributed by MS itself.
Re:Palladium Pre-Testing (Score:4, Interesting)
In Tomorrow's News (Score:5, Funny)
THINK, man, THINK (Score:2)
Do you think that might be because, without the 'net, most couldn't contact you to complain? If they install an update and "the durn computer broke the Interweb!" do you think they're going to be able to debug and fix the pr
Before you all complain about auto update... (Score:5, Informative)
The article says that since this wasn't a critical patch, just an 'improvement', auto update doesn't install it.
Re:Before you all complain about auto update... (Score:5, Funny)
Personal Experience (Score:5, Interesting)
Only four hours ago, I was on the phone to MS support. If the p.c. is started with only MS services enabled (there's only Norton or MS ones on this machine) via the msconfig utility, everything is fine. If I disable all the non-MS services in the services window though and do a normal restart, everything is broken again - duh!
I'm going to try unloading/reloading all the Norton stuff again but don't hold out much hope. Oh well, looks like I'm up for another rebuild, the sixth in five months... and no, I won't be using the updates in future
Geez (Score:5, Insightful)
Umm... NO. It doesn't.
And stop taking cheap shots at MS, it just make you look like a whiny school kid.
There is plenty of reasons to bash MS policies and software, but the signal-to-noise ratio is getting silly.
Software Update Services... (Score:5, Insightful)
If you're paranoid^H^H^H^H^H^H^H^Hsensible, wait a week or more to give the rest of the world time to find bugs, test the patch thoroughly in a test environment, and of course ask yourself if you actually need it.
ps. how many of todays slashdot readers know what ^H means?
Re:Software Update Services... (Score:2, Informative)
Telnet backspace echo
Man, I miss MUDing
Anyhow, to respond to your point - independently test bedding M$ updates certainly sounds like a good idea, but it either means 1- A seperate testbed machine or 2- using a standard machine for the process.
1- requires a fair ammount of money in the company, while 2- still has the possibility of nixxing one machine
It's still a good idea though
attribution (Score:5, Informative)
Um (Score:2, Funny)
Or does it mean that after a hundred thousand complaints they pulled it from the site?
*SLAP*
Windows Update is buggy (Score:3, Interesting)
For example, I've downloaded, installed, and rebooted as required for the security update from Feb 13 for MSXML 4.0 and the bloody thing still keeps coming back!
Now I've got ones from April and later that keep returning like zombies to haunt me. You'd *think* that it would be simple... but noooo.
Re: Windows Update is buggy (Score:2)
I don't know if this is true anymore, but back in the NT4.0 bad old days, adding or removing a winders component forced you to reinstall ALL service packs and patches.
Re:Windows Update is buggy (Score:2)
btw is your Domain controller synced as well...
[net time
(workstations usually get their time from the DC that authorized the login... win2k allows sync with SNTP (subset of the NTP protocol) servers if the windows time service is enabled.. Your DC should be synced to an SNTP source that way the clients get their time updated, as should ANY device that supports (S)NTP and does logging [ie: routers, linux boxes, DC]
Windows Update is time sensi
Not a required update... (Score:2)
In that case, 600,000 people does seem like a lot, especially if they can't get on the internet afterwards to get the fix for the update, as the article implies.
Vague stats (Score:2)
It wasn't just Symantec (Score:5, Informative)
I had NO symantec s/ware on my system, (I use Mcafee) and I lost all networking / internet access.
Also, the Yahoo article says that the update had to be removed which is bull$hit, the update could NOT be removed, and the only way to fix my system was to re-install and re-update Windoze.
MS said only a small number complained, well, I did, and a couple of days later the update was pulled, no reply to my email though, not even a thank you or aknowlegment - typical MS =O(
fLaMePr0oF
Re:It wasn't just Symantec (Score:5, Informative)
Unfortunate (Score:5, Insightful)
Bugs like this keep the common microsoft user from installing the latest and greatest updates. They might not understand that their security is troubled until they recent damage; however, they understand this:
"I finally ran windows update... and now I can no longer get on the internet. Crap, I'm never doing that again."
Methinks it's a Microsoft-is-too-huge-syndrome. Microsoft can't test its fixes on every possible configuration; therefore, problems like this will occur. Episodes like this [microsoft.com] have previously occurred and will occur again.
It's the nature of the beast.
btw, thanks Slashdot. I could have installed that this morning!
Davak
Re:Unfortunate (Score:2)
I also agree that the proliferation of platforms hurts MS, but it hurts open source X86ware in the same way. Note that because Apple and Sun control the hardware, they and developers for their targets have man
Re:Unfortunate = Flame War? (Score:3, Funny)
I've got to get down to the pro-choice rally before I go lobby for my right-to-bear arms. After lunch I am attending the pro-captital punishment rally. Then hopefully tonight we can attend the fund raiser for the statue of Al "i invented the internet" Gore.
Here are the flame war rules. [velvet.com] Please print them out for later reference.
Davak (in asbestos underwear)
Microsoft KnowledgeBase (Score:3, Funny)
difficulty with software upgrades (Score:5, Informative)
keep a copy of the old software or to make full backups before upgrading the OS. Updating software is not trivial because it X + A + B is not equal X + B + A : the update A can and will in general change something of the modification B. After a few such operations it becomes very difficult to keep track about all possible
states the users can have on their machine.
My experiences from updates:
- even for modern Linux distributions, it is a good idea
to make full new installs rather then upgrading. I personally
always had problems with upgrades and almost never had problems
with full reinstalls.
- the OS X updates went all smooth so far. Still, I always upgrade
first one machine, wait to see if everything works fine before
updating the others.
- XP updates. No problem with vmware. Just keep an copy of the
old virtual machine around. If something screws up or one of
the software has decided to "upgrade" itself:
rm -rf winXPHome
mv old.winXPHome winXPHome
Virtual machines can also easily be copied from one machine to
an other.
Re: (Score:2, Informative)
XpP (Score:2, Funny)
DRM (Score:5, Funny)
Automatic Updates (Score:5, Informative)
For most people, it is the only way they're ever going to install updates on their computer. However, I've found production Windows 2000 servers with this feature enabled! This is at least the 2nd or 3rd time that I've read a story on /. about a Windows XP/2000 patch that was no good.
If you want to disable automatic updates on your computer, go to Control Panel->System->Automatic Updates tab and click the buttons to turn it off. You'll be better off picking what you want to update manually.
Re:Automatic Updates (Score:5, Funny)
Only 2nd or 3rd? Don't visit /. much, do ya?
Re:Automatic Updates (Score:3, Informative)
Note that the Automatic Updates feature has three possible configurations.
1) Notify before downloading, notify before installing. This is the most conservative as user intervention is required twice along the way.
2) Download updates automatically, notify before installing. This is probably the best of the three options as it will trickle all updates down to your computer using unused
Obligatory Matrix reference (Score:4, Funny)
Also don't install the 811493 fix (Score:5, Informative)
The parent post is false to get modded up-see here (Score:4, Informative)
"This problem occurs because of a regression error in the Windows XP SP1 versions of the kernel files (Ntoskrnl.exe, Ntkrnlmp.exe, Ntkrnlpa.exe, and Ntkrpamp.exe) that were included in the original 811493 security update. On May 28, 2003, Microsoft released a revised version of the 811493 security update for Windows XP SP1 to address this problem."
It's fixed and is a non-issue. Moderators were had.
What a bunch of crybabies here (Score:2)
Re:What a bunch of crybabies here (Score:3, Funny)
You're right -- the expectation that a product should work as intended is entirely unfounded. Thank you for freeing me from the ignorant cave in which I have been hiding all these years.
What Happened (Score:2, Interesting)
http://www.threedegrees.com/MessageBoards/ShowPost
What is going on is that Symantec's AntiVirus software is clashing with Microsoft's attempt to update some critical files, and when only half of the files are updated and the other half is denied, the result is a broken machine.
The fault can't entirely be blamed on Microsoft in
Re:What Happened (Score:3, Informative)
http://www.threedegrees.com/MessageBoards/ShowPos
Sorry
retard (Score:2)
Not everbuddy checks their windowsupdate every fifth minute
don't trust windows update (Score:3, Insightful)
For whatever reason, though, I never use Windows Update, and I don't know that I've ever patched my Windows XP, outside of SP1. Maybe it's because I really only want to use Windows for gaming and not bother with much else, but I think it's also because, when I get something working, it's sometimes through some steps that elicit black magic from Windows, and I'd like the feature to stay working. The most recent example is the Windows XP VPN service, which for whatever reason will issue me an IP I want, and will work with other users' routers, only occaisionally. Windows allows so little control over its features (compared to Linux and others), and VPN is no exception: A set of wizards, so when it works, yea I'd like it to stay working, and this patch warning that VPN may be affected, is certainly only redoubling my avoidance of Windows Update.
We all know the history of Microsoft and patches, so I'm certain that is a sort of "subconcsious" reaction when I see that awful tooltip in the corner. My Windows patching tendencies are highlighted by my almost religious running and adherence to OS X's Software Update panel (alright, I haven't installed the latest iTunes update
No, that's not what it means (Score:4, Insightful)
No, that's not what it means. Users who are savvy enough to know about the 'issues' with Windows Update probably don't use Windows XP, for the most part.
Actually, what this means is that you found a story about Microsoft, and needed a way to trash them, so you came up with a lame rhetorical question.
Honestly, what would you have them do? Not retract the broken update? Around here Microsoft is "damned if they do, damned if they don't". They just can't do right by many Slashdot posters.
Sure Microsoft does a lot of bad things, but certainly retracting a broken is not one of them.
Call them on their bad business practices, sure. But snide remarks like yours only make anti Microsoft people look childish, foolish, and generally make you look like you're really struggling to find something wrong with them.
Anti Microsoft Slashdot Goldmine
1. Find non-news story about Microsoft rightly retracting a broken update.
2. Insert witty, yet trollish rhetorical question.
3. Post to Slashdot.
4. Wait for the Karma to roll in.
5. Profit!
Oh no! The sky is falling! (Score:3, Informative)
I had a similar problem to this about a year ago, under Windows 2000. I was using a piece of firewall/intrusion detection software called BlackIce. They released a new version of BlackIce, I installed it. Then I installed a network/security update from Windows Update.. rebooted, and what do you know, my internet doesn't work anymore. I contact BlackIce's tech support (who was very helpful) and they admitted they were aware of an issue with that particular security update and their software not working together, and that they would be releasing a patch soon for BlackIce. Microsoft wasn't at fault for it, BlackIce was, and they admitted it.
Come On Now... (Score:4, Insightful)
Re:Maybe its not on KB because nobody is at work? (Score:5, Funny)
Re:Maybe its not on KB because nobody is at work? (Score:2, Insightful)
After deinstalling the update (luckily that was possible, there are updates where there is no rollback) everything worked fine.
I checked again with windows update and the patch wasn't avaialble anymore (this was last saterday), so I reckoned it had nothing to do with my setup, or at least was not the only one.
Re:Maybe its not on KB because nobody is at work? (Score:2)
Also in a different time zone from the drones in Redmond, Washington, USA, where it was, in fact, about 5:15am at the time of the post.
Re:Microsoft Security (Score:5, Informative)
""There were hundreds of thousands of people who downloaded this, and we know of only a handful of people who had the problem."
Re:Microsoft Security (Score:5, Insightful)
Re:Microsoft Security (Score:3, Funny)
Re:Microsoft Security (Score:3, Informative)
Re:Microsoft Security (Score:2, Insightful)
Re:No (Score:3, Informative)
Nearly... it was 600,000 downloads, not 600,000 broken internet connections. According to the article only 'a handful' of the 600,000 who downloaded the patch had problems.
Re:Maybe MS should have tested the software first (Score:2, Interesting)
Everyone fscks up, not just Microsoft!
Poor argument... (Score:3, Insightful)
Microsoft is a software vendor - a software vendor has employees that know, love, and baby their source code to produce a software product. Windows XP is one of their software products. These software developers know their particular piece of the puzzle well - while they may know jack and doodle about another piece of the puzzle within the same product. Nevermind they have no clue on how another piece of software