I wondered what was happening with this last night
It seemed to install correctly once I went to turn my computer off though.
Microsoft has issued guidance on how to fix problems created by its last bunch of patches. Redmond's patches for May brought pain to Windows XP users who have installed the .NET framework. The problem seems to involve updates KB2633880, KB2518864 and KB2572073. Each download the updates and installs them, but then insists on …
Not news, but if the Register insists on doing an article about it, they should try for something a bit more substantive. Not the first time I've noticed this kind of thing, and it's not limited to .NET stuff, and there was a bunch of this going on around the time of Patch Tuesday--though I'm already unsure if it was this month or last.
I'm always interested in hearing more about Microsoft's incompetence. Never liked that company. However, this article was NOT more. The headline actually managed to tell more of the story than the article, which is something of an accomplishment.
.Net on XP seems horribly fragile, I see lots of XP boxes brought in that will not install .Net 1.1 or 2 updates. On any number systems this has been an issue for a long time. What even worse is the process you have to go through to get all the Net crap off to reinstall. Java sucks with its security problems, but .Net takes the cake with its insidious fingers stuck deep in to system directories and the registry.
"Interesting. Tell me how do you know " the versions of dotnet I need"? Is their a magic Windows dependency tool I don't know about?"
My method is easy. Just strip all the .NET mess out of the PC and then reboot. Wait and see what complains. Too many little applications come with the need of this huge mess of a framework.
Once .NET has gone, you can then see which programs complain. Then check up their specs as to what they need. (Or find replacements written in a proper language)
I knew it!
Ran around today doing maintenance for various clients - even argued with one of my techs about it - told him it would be straightened out at some point since they seemed to install correctly.
It's the ones that repeatedly fail that concern me.
(to be fair or unfair, I did consider a conspiracy by MS to help phase out XP lol)
(to be fair or unfair, I did consider a conspiracy by MS to help phase out XP lol)
Y'know, I'm not even "officially" an IT guy -- I'm largely self-educated in that respect, so there's huge gaps in my knowledge* -- but based on everything else I've read here, I also wouldn't be the least bit surprised if it were discovered that this was deliberate, in order to force people to go to Windows 8. It was the first thought I had before I got even halfway through the article. Granted, most of your garden-variety conspiracy theories are totally whacked, but every once in a great while it turns out that it really is a conspiracy -- but, then, again, never attribute to malice, etc.
I'm reminded of that old geeks' joke from about twenty years ago, about the development of an early Windows version -- or was it a late DOS version: "It ain't done 'til Lotus won't run!"
-----
*...and I'm also using OSX. I could make some crack here about how MacOS has always "just worked", but that argument is pretty much beat to death, so screw it.
If it is a conspiracy then it isn't much of one. It appears to only to re-present an update it already installed. An update you can hide and never see again. I cant quite see how that would make me want to drop XP if I was running it. Add the fact that, according to these forums, this is something that has happened before, long before Windows 8 began to loom over our heads, then it would have to be a conspiracy of dunces. Its just a cock up, of which I, too, have made many.
@ Shannon: I can't blame the Reg for not having much to say. I've been worrying over this for two days (the affected computer is a business-critical machine), and looking all over the Web for information, and the only things to be seen are 1) a whole lot of p'd off users from all over the world, 2) massive silence from Microsloth, 3) smartasses (or an MS PR squad?) on every thread posting fixes that are quickly reported not to work, and 4) traces of closely similar instances from the past. At least the Reg makes it official, so I can show something to the lice at Trustwave ("false positives R us") if they flunk me for not having the latest security updates installed.
Count on MS to leave the world pulling its hair out when a brief statement would at least tell us we could stop wasting our time.
The moral is to not install untested patches straight on to business critical machines.
Microsoft can't and shouldn't escape the blame for their cock-ups but businesses have to take responsibility for what they do. Was this eventuality - and worse - not identified in a risk assessment?
I bet MS used their own new "engine" (so.cl) to search for information on this subject. Only to have some people tag it "Window 8" (or other crap) after which the topic suddenly takes a whole new turn with lots of extra (often unwanted) crap.
That's what you get guys from trying to re-invent the wheel :-)
You know the sad part? I didn't make up the stuff about so.cl :P
I removed all versions of .net which solved the problem. Nothing on the PC stopped working so .net was probably left over from some old and now removed program.
No help for anyone who needs it but might be worth checking anyway.
Waste of Blxxdy time though, 1 hour of messing around with a PC that had worked fine for years.
I heartily agree. Unless you have something that needs .NET, you should remove it. (No part of the basic XP system uses it. Sadly, this isn't true for later versions.) This advice applies separately to the three versions: 1.x, 2/3.x & 4.x. Fortunately, there's a handy tool for doing this.
See: http://blogs.msdn.com/b/astebner/archive/2008/08/28/8904493.aspx
I tried to look at the link provided (on a Linux box) and got
"System Tip: This article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled."
Oh, fuc*king sensible! I might be using a different computer, with a different OS, in case this 'strange behaviour' flagged up in my suspicious mind as malware....
Muppets!
And you failed to look at the page properly. If you did you would have seen the link to click to look at the info anyway. I like this move from MS as it stops many home users following incorrect information when they are trying to solve problems themselves. Not their fault if you don't pay enough attention.
>> If you did you would have seen the link to click to look at the info anyway.
I just looked at the article (from the US, at 19:45 GMT), and saw no "link to click to look at the info anyway"--not anywhere on the page. If it existed, then apparently this information leak has been fixed--presumably because it just encourages use of non-Windows OSs.
Me TOO!!!!
What a bunch of dumb fuckwits!
Recently, I got a new 'puter loaded with WindbloZE 7 on it.
As a diehard Linux user, I could not tolerate the prospect of a WindblowZE infection existing on my 'puter.
After purchasing a new, larger hard drive, I took the anti-static bag it came in, and put the old WindblowZE 7 hard drive in it, and plastered the bag with `biohazard` labels.
WindblowZE - dangerous to the health of a 'puter.
Perhaps it's stealth tactics to convince people to upgrade.
Get them so damn frustrated, they throw in the towel and get windows 7.
I'm amazed XP is still so popular after a decade - then again, it was built on win 2k, Microsofts finest release to date - they got that one right!
Microsoft really have a problem on their hands with XP now and they're making life more difficult with windows 8. Where I work, 70% of the office computers are still on XP and I bet that's pretty much the figure globally.
If it ain't bust, don't fix it, 'cos microsoft will bust it for you ...
when I attended a .NET bash before it came out and was told how the DLL hell was a thing of the past.
I also remember the day when .NET got upgraded to 2.0 and all the earlier stuff stopped working with no fix. It wasn’t an XP problem it was an MS problem.
Well its not a problem for them - the whole point is to make you upgrade to the next version if the OS with all the costs involved.
You still running XP? Not if we can help it...
> DLL hell was a thing of the past
I never understood why DLL bothered people until I started using .NET. Prior to that I'd always used explicit DLL loading and a generic command dispatching mechanism so that the number of imports/exports rarely changed.
Sadly it's the usual story. Third party solutions might be cheaper than ones you implement yourself but are rarely as hassle free. .NET is basically all about third party solutions. Saves a lot of time during development but can be hell when it goes wrong since half the time you have no idea what the problem is very little help from error messages.
This happened to my work PC recently - it updated my recent vendor specific network driver to an older MS nonworking one.
Win7 though I have not found a quick shutdown option which does not do updates so if I need a quick shutdown I shut everything down then switch off at wall, safer than the power cut mid update. (dodgy power near here - we have regular power cuts - every few months, to trim trees around power cables)
A tip for your sanity
If your hardware drivers need updating do it properly - download the driver, uninstall the hardware and reinstall pointing at the new driver. Never use any kind of inline update service. Networking controllers drivers are as notorious as graphics cards for not tolerating hot updating.
And remember - just because a newer driver is available doesn't mean you should install it. What was wrong with the old one?
As for .NET why bother. If you have .NET reliant apps and they work fine you don't need the update. Check the issues and download only if it fixes something you need fixing. If you don't know if you need .NET uninstall it. If something stops working check the documentation and get the right version.
If you are in business support you don't need MS to tell you that you have installed certain updates to certain machines as you will, of course, have your own logs and you would never, ever have installed untested patches to business critical machines.
This is a security update, you should definitely install it even if all your .NET apps are reliable.
All three relate to Code Access Security, which sandboxes what the code is allowed to do depending on what is hosting the code, and where it came from. Microsoft provided a plug-in for Firefox to support loading .NET components (particularly 'XAML Browser Applications', XBAPs) in addition to the support in IE; the plug-in reportedly also works in Chrome but I don't think there's any formal installer for it. If an attacker can convince you to click a link to an XBAP, they may be able to escape the sandbox and execute arbitrary code. That's the potential threat, for client computers.
IIRC the Firefox plug-in was installed by default in some releases of .NET Framework 3.0 and 3.5, but I think not installed by later ones. Perhaps this is where the problem lies.
ASP.NET can be configured to run hosted web pages and services in Medium Trust mode, again sandboxing what the code can do - an attacker could be able to break out of the sandbox if they could replace the code for the page.
This will NOT be downgraded to any newer version of windows, I think I will remove .NET then.
It is staying XP as newer windows remove things, Vista and 7 have bolloxed full screen DOS, 7 32bit has bolloxed NETBIOS, great fun (remote to a customer) when your system reindex utility is still in DOS and requires Netbios to connect to the server. Luckily the system was small enough to zip and bring back to our office.
32 bit Win7 is crap - cannot run DOS apps full screen, no NETBIOS so what is the point in it? May as well have 64bit
Well here is the news:
* DOS is crap and what you call it is not DOS anyway, it's just full-screen console; was nice but I dont miss it terribly.
* NETBIOS is crap and it caused enough problems with high LAN loads already. Simple to setup but pain to troubleshoot, esp. when you also run SMB on IP stack in the same network.
* you cannot run 16bit applications under 64bit version of Windows (in case you have nostalgia for that too).
Some people just move on. The ones who believe in old times fallacy usually also believe in conspiracy of AV vendors.
Also, if you've got a load of old DOS 16bit apps kicking around, you could choose DOSBOX, a FOSS DOS VM. It works really well, on Windows, MacOS (incl PPC) and Linux and provides virtual IPX/SPX tunnels over TCP/IP. It supports iso images as CDROM drives and, well, is generally great.
DOS / full screen console
Whatever it is, it is still needed, when you have a HUGE system written by a small team over many years, it takes a while to convert to Windows, our 16bit VGA graphics DOS apps are still out there running multi million pound businesses. People do not necessary like change, one large very efficient customer only moved this year and are still using a couple of the older dos applications as well.
Now do I convert a screen used at one site? or do I write new code to sell for money?
As to Netbios, managed to get an application running in 25 line mode (32 bit Windows 7), but it was unable to communicate to the database server, why? MS removed code from Windows the program relied upon.
What this means is rather than spend time writing new code we can sell, I have to sit there porting old code to a new language. Is this making money for our company? NO!
BTW we use the same database server for all programs, been using it since Netware 3.12 days, they have been hit by the netbios screw up as well, as their DOS IP layer needs it.
Customer PCs are mainly XP, ONE Vista, quite a few Windows 2000, a few Windows 98 and a sprinkling of Windows 7, customer servers are Win 2000, 2003, 2008, NW4.2 and NW6.
I'm using Win7 and an XP machine for the DOS code
I looked on our WSUS server, and I can see that these patches were reissued yesterday. If you look on the Microsoft Answers threat, the first question and reply are on 8/9th May, followed by a bunch of new posts yesterday.
Windows Update isn't doing anything that abnormal IMO, I think these are simply updates to existing patches.
Updated the UPS on the mother-in-laws computer last week - it needed a 15Mb download ... a pain but easily done in a couple of hours ... and then insisted on getting .NET 2.0 and 3.5 + updates to install ... a further 100+Mb ...
and all via a 14kb modem ... (she's actually got a 56kb modem but it's a long phone line ...).
.NET is simply the rise of the (virtual) machines ... it will do us all in if it keeps on like this.
Once again I ask, why am I not affected, and why aren't clients of mine affected?
I have 200+ WSUS clients at one site alone, which are a mix of XP and Windows 7 desktops. Installation took a while, as .NET updates tend to do, but that's why we have scheduled updates over the weekend.
... for updates", make yourself some kind of note and recheck one a week or so to see if it's fixed. Or, since MS has trustworthy computing just check back next patch Tuesday. Meh ... a non problem. Hide the updates if they offend you. Revert to a state that was running right then hide the offending updates. Oh yeah, sorry ... got dozen or hundreds of boxes to administer? Oh well, keep on carping and whining; that always helps. Makes IT look like the good guys too.
See this blog post for a description of many of the problems with patching .NET 2.0:
http://blogs.msdn.com/b/heaths/archive/2008/04/18/microsoft-net-framework-2-0-service-pack-1-fails-to-install.aspx
and this KB article:
http://support.microsoft.com/kb/951950
Usually, if a patch is trying to install itself repeatedly through Windows Update, it's sufficient to uninstall the patch from Control Panel, and then download the standalone patch from Microsoft's Download Center.
The list of affected package numbers goes back to last June, and I'm surprised that they're reappearing. The recent MS12-035 (http://technet.microsoft.com/en-us/security/bulletin/MS12-035) includes packages that replace the three mentioned updates, so it's possible that the problem is actually that the new package has been installed, and the detection code for the three previous updates is not detecting this.
As I understand it, Microsoft offer free-at-point-of-use technical support for all security updates, so if you're experiencing this problem, CALL THEM.
In WHAT fucking parallel universe????
I can't wait for the wailing and gnashing to come out of 'big business' at the prospect of having to retrain office staff to have to deal with Metro.
Then again, spoken by a freetard who ripped Unity off this Ubuntu box.
My own personal experiences of .NET via Windows Update on XP have always been fairly hideous any time more than one patch at a time is concerned - it is almost like WU deliberately patches out of order and then trips up on itself, so not seeing anything new except perhaps the KB numbers... "the numbers have been changed to protect the guilty, I mean innocent" :)
This is why on the office network I ended up keeping 8 different .NET installers so that on a new machine I could set XP up, disable updates, run each installer in a specific order and only then turn on updates.
Thankfully Win 7 WU seems much more robust...
Ages ago I had exactly the same thing happen on Windows 7 64-bit and 32-bit editions too — two updates of .NET got into infinite update loops.
Wasted best part of a day trying to fix it myself and finally spent ages on phone to Microsoft Support — via MSDN subscription — and their conclusion in the end (after more than an hour on phone) was "Back up your data. Format drive. Re-install."
I was staggered that a 21st century 64-bit OS could be completely shagged by an update from its author, and require such radical fix.
First time around, the Automatic Updates icon popped up and indicated the need for a few .NET Framework updates. Okay, fine, fair enough. I let them run in the background.
After a while, the icon just disappeared, which was fairly odd. I would have expected the "updates complete" or "you need to restart your computer to finish updating" notice, but I got neither. Automatic Updates popped back up a few moments later with the same updates. Strange. Maybe the updates failed to install themselves...oh well, might as well let it try again. I did, and the same thing happened.
What eventually sorted it was going to the Microsoft/Windows Update web site. It's not been back since doing so.
If any of you are running Peachtree by Sage on your client machines, restore a system image from a backup image anytime before this Fu*kin Tuesday, May 22nd as the app wont repair from cd, uninstall, or reinstall correctly after this patch. Application WILL NOT RUN. .Net repair tool a waste of time (for me). Daily Drive Image backups just saved my ass...again