As World Reacts To WanaDecrypt0r, Microsoft Issues Patch For Old Windows Systems

An anonymous reader quotes the AP: Teams of technicians worked "round the clock" Saturday to restore hospital computer systems in Britain and check bank or transport services in other nations after a global cyberattack hit dozens of countries and crippled the U.K.'s health system. The worldwide attack was so unprecedented that Microsoft quickly changed its policy and announced that it will make security fixes available for free for older Windows systems, which are still used by millions of individuals and smaller businesses. [Windows XP, Windows 8, and Windows Server 2003]
An anonymous reader writes: The patches are available for download from here. Microsoft also advises companies and users to disable the Windows Server Message Block version 1 protocol, as it's an old and outdated protocol, already superseded by newer versions, such as SMBv2 and SMBv3... Microsoft had released a fix for that exploit a month before, in March, in security bulletin MS17-010 [which] included fixes for Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016.
Below the fold are more stories about the WanaDecrypt0r ransomware.

• The Los Angeles Times says the attack "shows why Apple refused to hack terrorist's iPhone," and why Google, Apple, and Microsoft resist calls for backdoors. "Though the NSA hasn't confirmed it was hacked, the purported leak of its tools shows that even supposedly secret vulnerabilities can get into the wrong hands.... when flaws the agencies discover pose a threat to the nation's businesses and consumers, they should be forced to help secure systems."
• Science fiction writer Charlie Stross blogged a humorous take on the event, sharing a "Rejection Letter" from Reality Publishing Corporation that argues the plot of his newest thriller -- MS17-010 -- "does not hold up to scrutiny." (A government agency hoards known vulnerabilities about vital infrastructure, then suddenly loses control of them...)
• troublemaker_23 shares ITWire's call for a "public statement of contrition" from Microsoft, which reminds readers that "the ransomware and exploits are just the effects. The vulnerabilities in Windows are the cause."
• There's now a first-person account about the discovery of the kill switch, which insists that registering that domain "was not a whim. My job is to look for ways we can track and potentially stop botnets..."
• Slashdot reader Lauren Weinstein says some antivirus services (and firewalls incorporating their rules) are mistakenly blocking the kill switch's site as a 'bad domain', which allows the malware to continue spreading. "Your systems MUST be able to access the domain above if this malware blocking trigger is to be effective, according to the current reports that I'm receiving!"

First Wave Attack

[mentil]

I, for one, welcome our new Cylon overlords.

Re:

[__aaclcg7560]

You just need a microwave oven to kill a Cylon.

https://www.youtube.com/watch?v=joUZj4shx80 [youtube.com]

Re:First Wave Attack

[K. S. Kyosuke]

This internecine violence between kitchen appliances is sad to watch.

Re:

[__aaclcg7560]

This internecine violence between kitchen appliances is sad to watch.

That's why you have to keep the toaster far away from the microwave oven.

Re:

[chuckugly]

How is encrypt everything so much different?

Re:

[newcastlejon]

How is encrypt everything so much different?

Because no-one is going to pay a ransom after their data has been erased and if they're warned beforehand they can easily pull the disk and retrieve everything. There's no profit to be made in that.

Re:

[chuckugly]

And how does that make us lucky?

Re:

[Aighearach]

If we could just get the users to do that themselves when infected, this problem would eventually go away.

People need to learn to create data backups; not system backups. You don't need to back up your OS+cracks, you just need to back up your actual data and have a way to track service dependencies so that you can install a fresh system, and then connect your data to your services.

There are lots of websites using RubyOnRails and similar technologies that have modern deployment systems that makes that easy.

Re:

[Rei]

You have your computer set up to have 24/7 read-write access to your backup system?

Yeah, not a good plan.

Kind for Microsoft to fix their own bugs

[JoeyRox]

They truly are a reborn company.

Re:

[E-Rock]

For an ancient unsupported version of their product. Make sure you put that into your narrative.

Re:

[__aaclcg7560]

Hex editor? That worked back in the DOS days.

Re:

[mikael]

Hex-Ray is the modern day equivalent. I remember the days of replacing E6 60 with 90 90 for noisy DOS games.

Re:

[Dunbal]

How do people circumvent DRM without source code...

Kind for Microsoft behaviour

[Okian Warrior]

For an ancient unsupported version of their product. Make sure you put that into your narrative.

Lots of people on the net would support the product, if Microsoft allowed them to.

The fact that it's unsupported is a dodge - in reality, Microsoft comes out with new products and forces people into them in order to make more profit.

And in this instance, the "forced upgrade" policy is causing people to die. it's completely unreasonable for people with expensive equipment running Windows XP to have to repurchase their hardware just because Microsoft wants them to spend another $100 for a new OS.

If the OS is truly obsolete and unsupported, Microsoft should release it into the public domain.

Re:Kind for Microsoft behaviour

[AmiMoJo]

XP isn't unsupported. Microsoft will happily provide patches if you pay them. All that has ended is free support.

You buy proprietary software, you have to accept paying for support as long as you want to keep using it, and paying whatever the vendor demands.

The NHS should require equipment to use free software, or for the vendor to supply security patches for its lifetime.

Re:

[Dunbal]

For an ancient unsupported version of their product. Make sure you put that into your narrative.

Not sure a car manufacturer could get away with "oh but we don't support that car anymore" if it started killing people. One thing is "corporate policy" and another thing is legal liability. Smart move on Microsoft's part, before they get sued.

Re:Kind for Microsoft to fix their own bugs

[E-Rock]

I must have missed where car makers went back and retrofitted cars with airbags and ABS at their own cost.

Sure you can put these on yourself, just like you could add a hardware or software firewall to block inbound SMB. That would have stopped the lateral infection of this worm. No source code needed, just a bit of care and attention.

Re:

[thegarbz]

retrofitted cars with airbags and ABS at their own cost.

No one is talking about MS back porting a world of security measures like ALSR into unsupported OSes. That would be the equivalent of retrofitting old cars with ABS. Retrofitting cars with airbags is not the same as fixing a new vulnerability. You know what car companies have done? Recalled cars with faulty airbags and fixed them at cost regardless of the age of the car.

Re:

[JoeyRox]

Microsoft is the source of a bug they've known about for months and is causing thousands of users to have their data held captive but somehow I have a "narrative". Sounds like you're the one with a narrative.

Re:

[rtb61]

Hey moron, it is not about support, it is about shit programming and after years and years, still failing to fix it properly. People paid for working software not shit programming that would never be fixed, The law should be fix it or open source it, no right to never fix broken programming. Either M$ finally, finally fixes their shit coding or the open the source when the give up trying, so that other people can fix it.

It is entirely corrupt to think you can just abandon bugs and security failures becaus

Re:

[Joce640k]

With all the money they made on XP they should still be issuing security fixes, yes.

Re:

[athmanb]

Try asking an open source developer for a patch for an application released in 2002 and see how far you get...

Re:

[present_arms]

Why? The source would be available for anyone with knowledge to patch/fix as the source is open for all to see.. not so with closed source and there lies the problem ;)

Re:Kind for Microsoft to fix their own bugs

[__aaclcg7560]

The source would be available for anyone with knowledge to patch/fix as the source is open for all to see.

If you wrote code in 2002 would you still understand the code 15 years later?

Too many times I open up a source file from last week, look at the code, and think: "Who wrote this shit?! Oh, I did. Meh..."

Re:

[F.Ultra]

Perhaps time to change your coding (or commenting) style then.

Re:

[__aaclcg7560]

Perhaps time to change your coding (or commenting) style then.

That's why I was writing unit tests, refactoring code and writing documentation this morning.

Re:

[F.Ultra]

+1 Top Notch

Software non-freedom is not justified.

[jbn-o]

Asking about one's skill with editing old code has nothing to do with the need for treating other people ethically by respecting users' software freedoms. Just because you aren't skilled enough to track what's going on in code from week to week doesn't justify denying users the freedom to run, inspect, share, and modify the code running on their computers. Non-technical users (which probably are in the majority) can either learn programming, hire out the job, get someone they trust to help them gratis, or a

Re:

[__aaclcg7560]

Just because you aren't skilled enough to track what's going on in code from week to week [..]

I tend to make a lot of changes in my code from week to week. That it still works as intended is a nice bonus.

[...] doesn't justify denying users the freedom to run, inspect, share, and modify the code running on their computers.

I don't know where this line of reasoning came from.

[...] just as your learning curve is apparently steep enough for you to review week-old code and think it to be "shit".

My harshest critic is myself. If I think what I did last week was shit, than I need to do better this week. I know too many programmers who find it easy to "polish the turd" than to push themselves to the next level.

Re:

[anonymous cupboard]

If you wrote code in 2002 would you still understand the code 15 years later?

Weirdly, yes and from 1992. It might take a bit to get back into understanding the environment where it works but usually, I have provided enough annotation to pick it up again quickly, and that includes assembler. It is possibly though because I mostly stayed clear of the very clever stuff and I had enough experience to know that I could be haunted by old code and wrote accordingly.

Re:

[__aaclcg7560]

That you have the second response when you open up code you've written does not surprise [...]

My code changes from week to week. In particular, I was writing unit tests, refactoring code and writing documentation this morning. I couldn't figure if a function acted on a "per page" or "per comment" basis. I kept thinking "per comment" when the code was "per page".

[...] professional engineer [...]

What does this have to do with civil engineering?

Re:

[__aaclcg7560]

If your code changes "from week to week" then you are most probably doing a lot wrong.

I'm not aware that there's a "right way" to doing a learning project.

You should stop and think carefully before you hack your next batch of unmaintainable crappy code.

I rarely go back to any of my older learning projects. Usable code I keep in a snippet file for my next learning project.

Incidentally, if your function can be either "per page" or "per comment" then make sure one of the function arguments is clearly named (eg "pages" or "comments") else adjust your function's name to something that makes it clear.

I was confusing the section of code that I was working with a different section of code that I previously worked on. An AC threw a fit a few weeks ago because I was storing HTML data in a CSV and insisted that I use Sqlite instead. After looking into it, I wrote a function to write data to Sqlite. By marking "content id"

Re:

[__aaclcg7560]

I have code I wrote in 1990's which is still in active commercial use and it is still good. And I still understand it.

If I find any of my HTML code with the blink tag from the 1990's, I'll be sure to delete it in a hurry.

Re:

[spire3661]

What happened there? I got hit with that stupid thing for a while, on a raspberry pi system not connected to the internet that i was using as digital signage.

Re:

[F.Ultra]

The author of xscreensaver got tired of receiving tons of mails from end users complaining about problems that where already fixed years ago, fixes that various distributions (like Debian) never backported so he put that message in there to vent his anger a bit.

oo-er

[Hands of Blue]

As much as I like to complain about micro$oft, I'm hard-pressed to fault them for this event, and certainly can't fault their response to it.

I'd say most of the blame lies on the staff and, more so, the policies at the institutions where the event occurred. Government and healthcare orgs are notoriously slow to update mission-critical systems, and while some of this blame can be placed on their reliance on custom software built for old environments or a lack of funds for upgrades, at the end of the day all

Re:oo-er

[Joce640k]

Most of those embedded devices probably can't be upgraded.

This is why Microsoft should be taking more responsibility for them.

Re:oo-er

[F.Ultra]

Hardly, if it's any one who should take more responsibility here it's the vendors of said embedded devices. To even implement such devices on software that they know will be EOLd while still be connected to a network is beyond me.

Re:

[painandgreed]

Hardly, if it's any one who should take more responsibility here it's the vendors of said embedded devices. To even implement such devices on software that they know will be EOLd while still be connected to a network is beyond me.

Trust me, the vendors have covered their asses with their install/support contract. They probably have an upgrade path, and only require the hospital to buy the new version along with new servers to begin the migration. $10 million isn't unusual for such an upgrade and a single departmental system, which may or may not be only payable out of departmental, capital, or some other budget by either hospital policy or state law. Plus, they're not really EOL'd. MS is still supporting older systems for those with

Re:

[F.Ultra]

I'm quite sure that they have covered their asses with contracts. That is not my concern however. My concern is that they decide to build embedded devices running on Windows XP and then leave them connected to a network fully aware that Windows XP will be EOLd in the future (yes you can still shell out enormous amounts of cash to get some small support from Microsoft but that still leave it as practically EOL for most of us anyway).

Re:

[spongman]

which medical facility uses devices based on (software) components that are unsupported? do they also let the calibration on their dosimeters expire?

no, if your embedded device contains software that EOLs, then THE WHOLE FUCKING DEVICE should EOL on that date. you know that date at the time of purchase - it's no secret.

Services not running == safe?

[Rick Schumann]

Am I safe to assume that since I don't have the Server Service or Workstation Service running that I'm safe from this particular exploit?

Re:

[__aaclcg7560]

If you got a current Microsoft OS and up to date on patching, you should be safe. It might help if you're not looking at naughty bits on the Internet. If you don't practice safe computing, you're just asking for trouble.

Re:

[Anonymous Coward]

Several years ago, somebody did a study of the worst types sites on the web, the ones most likely to infect your computer.

Porn wasn't even close to the top.

The absolute worst offender?

Church sites.

What they figured out is that religious people are stupid, believing in a god is only one symptom of that stupidity. They have some moron in the church design their website for free, but the moron doesn't actually know anything about security. So there's unpatched code all over that church site, it gets hacked q

Re:

[__aaclcg7560]

The absolute worst offender?

At the enterprise level, I would say money exchange websites. More so if you have an international workforce that travels a lot between job sites.

Church sites.

I'm not surprised. Church people are surprisingly gullible even though the Bible teaches: "Therefore be as shrewd as snakes and as innocent as doves." (Matthew 10:16)

Re:

[__aaclcg7560]

For example, those poor saps that hire creimer ignoring red flags such as his 1000 page resume and furniture breaking heft.

We got our first fat joke for the day. Here's a pic!

https://twitter.com/cdreimer/status/863479397117870080/ [twitter.com]

Re:

[__aaclcg7560]

Fuck man, I can't even.

Cartman is a mess.

Re:

[Anonymous Coward]

Your words are embarrassingly condescending here, but it's true in other venues that scammers are attracted to religious folk due to their gullibility.

Re:

[digitig]

Tricky for the NHS - it's part of the job of healthcare professionals to look at people's naughty bits.

Re:

[headbulb]

SMB is always running even if you turn off filesharing it's still there \\pcname\c$ will take you to that computers c drive.

Patch please

Re:

[Rick Schumann]

Okay.. I don't think you know the difference between 'filesharing' and what I'm talking about.
Open a command prompt and type:
net start
You'll get a list of Windows Services that are running. Most all of you will see "Server" and "Workstation". I have those services set to "Disabled"; they don't show up in that list, they're literally not running at all. So again what I'm asking is: Since those Windows Services are Disabled (i.e. not running) then is there still a problem or not? If you don't know the answ

Re:

[Rick Schumann]

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING

Re:

[Rick Schumann]

Oh for fuck's sake.. OF COURSE they're Stopped. There's been dozens, hundreds of reboots since I set them to Disabled. Don't be dumb.

Re:

[Rick Schumann]

Since you claim to know what you're talking about: "Server Service" and "Workstation Service" are both STOPPED and DISABLED and have been for a long time now.
Netstat -an | findstr LISTENING returns this:
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
Additionally I'm behind a firewall that has all ports (0 through 65535) invisible on the WAN interface, and of course no SMB-related ports are open regardless.
Now, are you really saying that this can still be infected? Don't just say

Re:

[athmanb]

Maybe? You should definitely still patch MS17-010 though.

Re:

[Rick Schumann]

I don't trust Microsoft to not slip something else I don't want into the patch.

Re:

[jonwil]

Personally I would rather my system be running whatever crap MS has invented (spyware included) than be at risk of being infected with malware.

Re:

[Rick Schumann]

I've been trying to get Linux Mint up to speed to replace XP, but I keep running into roadblocks, the most recent of which is it's decided to not accept my password for SUDO operations anymore. Just decided at some point to stop taking it. So far nobody has come up with a solid explanation as to why. Then there's the piece of software I'd like to keep using that needs Java, and you can't get Java installed under WINE to save your own life. Then there's the TiVo software that runs as services under Windows,

While the world burned...

[__aaclcg7560]

At my job we finished phasing out the Windows XP and Windows Server 2003 systems from the network last year, the few Windows 8 tablets we have in test are Windows 8.1, and everything else is up-to-date with the latest patches. While the rest of the world burned, it was a quiet Friday as everyone took off for the weekend..

Re:

[DarkVader]

I had one client this year ask me to work on an XP machine, it wasn't connecting to his network.

I told him that under no circumstances would I do anything with that machine other than help him move the data to another computer so it could be reformatted. I told him we could put Linux or 7 on it, but I would not support XP for him.

He made some nose about really liking that version of AutoCAD that wouldn't run on anything later, so I told him that he could keep using it, but the only thing I would do for him

Re:

[__aaclcg7560]

I had one client this year ask me to work on an XP machine, it wasn't connecting to his network.

One time I had a user who finally gave up his Windows 95 desktop after ten years. I popped open the case and found a dust ball that was larger than a grapefruit inside.

Re:

[spongman]

> about really liking that version of AutoCAD
the cracked version he had wouldn't install on windows 7, i bet.

Windows 7

[jawtheshark]

How about fixing the Windows Update on 7. I have a few Win7 virtual machines, that only have 1 core a 4GB RAM and Windows Update just munches one CPU forever and never finishes. I have let it run for weeks, and it never finishes.

That's why I disabled Windows Update on them, because that situation was untenable. I tried many proposed fixes I found on different fora, but nothing worked.

Granted, they are relatively safe, because these installations only exist to provide me a Windows when I need one (read

Re:

[__aaclcg7560]

You need two or more cores to run WIndows Update and play Minesweeper at the same time.

Re:

[jawtheshark]

Could you have been any less helpful?

Re:

[__aaclcg7560]

Could you have been any less helpful?

WOOOSH!

Re:

[jawtheshark]

You can kid all you want, creimer. I did understand your silly joke, but you make a stupid joke, while I address a real problem. Microsoft caused a great many Windows 7 installations to get in this situation: eternal Windows Update cycle. As such, these machines aren't being patched and are all vulnerable. That is something they should have fixed, asap, and pushed though immediately. Of course, they didn't because we all know that badly behaved Windows 7 machines were more likely to get upgraded to 10.

Re:

[__aaclcg7560]

I did understand your silly joke, but you make a stupid joke, while I address a real problem.

You came to Slashdot looking for advice on a real problem. This will end badly.

As such, these machines aren't being patched and are all vulnerable.

The solution is simple: more hardware. One core isn't going to cut it. You need a minimum of two cores and four cores is preferable. I had no problems running Windows Vista through 10 because I don't use the minimum hardware specs. That's just asking for trouble.

Try deleting or renaming the software distribution folder (works on Win7).
http://www.windowscentral.com/how-clear-softwaredistribution-folder-windows-10 [windowscentral.com]

Or back up the d

Re:

[jawtheshark]

I didn't come here for advice. The answers I've seen correspond to what I found. The only new thing would be to disconnect the machines from network while doing the update (which is hard when you your your machines using RDP)

One core and 4GB is not the minimum hardware specs for 7, and even if it were: the security features should work perfectly on minimum system requirements. It's a base OS functionality. For most tasks, one core + 4GB is is more than sufficient. Always has been.

I have a fundament

Re:

[__aaclcg7560]

Usually, that's exactly the kind of people that you don't take advice from because it's the easy solution. The one that doesn't require thinking.

Right. That's what all the people with underperforming systems tell me. Meanwhile, I'm working on my cheap Dell laptop with a dual-core processor, 120GB SSD and 8GB RAM, running Chrome, PyCharm and Thunderbird. If the system does slow down from trying too many things at the same time, I just get another Diet Pepsi.

Re:

[__aaclcg7560]

So, when my Dell Precision M6700 with a Core i7-3740QM and 16GB of RAM has problems with a hanging Windows Update I should throw more hardware at it?

The OP had two Win7 VMs with one core and 4GB each. While that meets the minimum hardware requirements for Win7, it's not an optimal configuration. If Windows Update is taking forever to complete in a VM, it might be because the VM lacks the necessary hardware resources.

FWIW, installing a set of updates manually and deleting SoftwareDistributions did the trick.

There's that too.

Re:

[jawtheshark]

... and for the record..... I did reinstall a couple of times, and les WU do its work.

DIdn't work. How can a plain ISO install fuck up? The only thing I did was, let sit aloe do its thing... It should fix itself, right? Well it doesn't.

I've been managing, installing and maintaining Windows machines for years... I am not the cause.

These VMs can be reinstalled at will though... Data is not stored on VMs. They are only tools in order to live in a Windows world where the occasional task comes where you

Re:Windows 7

[Nkwe]

Actually it has been fixed. While there is a problem with Windows Update getting stuck there are a couple of patches that you can manually apply to get it working again. No, Microsoft can't do that for you because the tool they would use (Windows Update) has the issue itself. Yes, it is a pain to figure out the patches you need and get them applied, but if you do it, it will all be good. For a Win7 64 bit box, try installing KB3138612, KB3020369, KB3172605, and KB3125574. I don't remember the order you need do do these in (you can go read the notes) but the last couple of times I had to resurrect a Win7 machine that was way out of date patch wise, those got it working for me. (And of course, you should get to a more current and supported version of the operating system...)

Re:

[jawtheshark]

No, Microsoft can't do that for you because the tool they would use (Windows Update) has the issue itself.

Yes, yes,... They could make a single comprehensive patch that fixes it. One download, one fix... Well advertised. Hell, I'm sure they would have a way to do it over WU. If a WU client with a certain version contacts the WU server, you send one patch: the one to fix itself. At that point it can fix itself, and then go on it's merry way. Windows XP had an WU fix that went about that way: it was a p

Re:

[Nkwe]

You do not perceive that as a problem? How is Aunt Annie going to do this? You don't even remember the order... I know I have followed many guides, and it never worked. Never... Followed the exact order. Is it because it's a VM and doesn't get a true full core for it? I have no idea.

Assuming that Aunt Annie is not a technical person she would either hire a professional or rely on help from friends and relatives -- the same thing she would do if her car broke down (also assuming that she isn't a mechanic). I don't remember the order because I don't spend much time on Windows 7. I have moved on to a currently supported operating system. I happened to have the patch files sitting in a a directory on my file server and as a courtesy gave you the KB numbers. If I had to patch a Windows 7 bo

Re:

[Waccoon]

A real fix to this problem would be a single download on their web site, in an obvious location, that patches Windows Update to the latest version. No need to hunt down this stuff yourself. But, that would be too simple given that they don't want you to reinstall Win7, in favor of buying Win10.

Instead, you have to surf their forums to find other people complaining about Windows Update running for days (literally) at 100% CPU usage. MS lackeys suggest you reboot your computer. Forum people argue about wh

Re:

[Anonymous Coward]

Install the June 2016 update. Use the manual download installer, and disconnect from the Internet when you launch it. Reboot, Windows Update now works right.

Re:

[jawtheshark]

On any patch level, or do I need to start form a fresh install.

The "disconnect from Interent" is a new factor for me. The July 2016 update promised to fix it, but never did. I must admit, this is going to be very hard for me, because these machine run on Xen hosts and well, I access them using RDP.

Re:

[Anonymous Coward]

The July 2016 should do the trick as well, according to the KBs.
You disable Windows Update (no checking), as you said you already have.
You disconnect from the Internet so the manual installer can not attempt an online scan, which is the slow part.
You need SP1 installed. You need KB3020369 installed, get it manually as well.
Then you install the June or July 2016 rollup. Reboot. Re-enable Windows Update, reconnect to the Internet. Scans should be speedier, especially once you are more up to date.

You also

Re:

[jawtheshark]

Yes, these are the things I have read before. I never disconnected from the Internet, and as such it never worked. I'll try it again one of these days. I might be vulnerable, but the risk is very low (and obviously those VMs have no data of any importance)

What is certain, is that many people may have their machines in a state like my VMs. If so, they are vulnerable and can't be patched. Microsoft is very, very at fault for creating a whole fleet of unpatchable 7 machines. It obviously played in their

Re:

[jawtheshark]

Hi Anonymous Coward. I don't know if you're still reading, disconnecting the VM from the Internet (disabled network interface), worked perfectly and I have a well behaved VM again. Amazing. I am positively sure, I did follow the instructions to get it on that patch level (and bar from the convenience upgrade, the pre-requisistes told me every time they were installed), but that seems to have been the little detail that was missing.

Thanks for the the tip.

Re:

[robinsonne]

Try installing the optional patch KB3172605. It solved the Win Update running and running for ever problem for me at least.

Re:

[jez9999]

Talking of which am I missing something? That link above had a fix for Windows XP and Windows 8, but not Windows 7. What gives?

Re:

[ChoGGi]

If you manually install a couple updates before running windows update, it'll fix that issue
https://hardforum.com/threads/... [hardforum.com]

Equipment Vendors

[networkzombie]

The scan to folder functions on some copiers haven't upgraded their SMB yet, so they cannot save scans to folders without SMBv1. Your choices are get a new copier (or copier with different vendor), enable SMBv1 on the server (bad idea), or use FTP (bad but not as bad idea). I've come across servers that had SMBv1 enabled just for this. One copier vendor wanted major cash to get the latest firmware. WTF? I've had good luck with Toshiba and Xerox. Sharp and Ricoh can kiss my ass. Forums are filled with "techs" advising to enable SMBv1 on the server. Yikes!

Re:Equipment Vendors

[nnull]

Welcome to the real world. People will resort to things like this just to get stuff to work. Unfortunately this is just human nature.

Nice of Microsoft to release an update for Win 7

[Anonymous Coward]

Oh wait, they deliberately didn't do that .....

Who didnt see this coming

[Kuruk]

Microsoft in there greed to force everyone to Windows 10 turned of patch's on peoples machines. Shit hits the fan.

Custom Support and MS quarterly earnings

[yuhong]

From https://view.officeapps.live.c... [live.com] : "As expected, Enterprise Services revenue declined 1 percent and was flat in constant currency, due to a lower volume of Windows Server 2003 custom support agreements."
I did not even know that Custom Support has to do with MS quarterly earnings until today! I wonder how much it actually costs for MS.

Re:

[digitig]

It doesn't seem to have affected emergency services either. It's stuff like the appointments system that's (necessarily) connected to the Internet - the actual medical equipment tends not to be (at least, not directly - some equipment seems to be on VPNs to distribute results automatically between departments, and then over the internet from the hospital to the patient's GP or another hospital).

Re:

[digitig]

And if the update breaks expensive vertical applications, it won't be Microsoft that foots the bill...