back to article Weird garbled Windows 7 update baffles world – now Microsoft reveals the truth

Windows 7 users were left scratching their heads on Wednesday when a mysterious garbled patch appeared in Windows Update, origins unknown. The update only seems to have popped up on Windows 7 systems, including Windows 7 Pro and Windows 7 Enterprise. The rogue patch, which advertised itself as a Windows Language Pack, was said …

Page:

  1. JustNiz

    The fact that Microsoft's own processes aren't rigorous enough to have prevented this test code leaking into their live environment is VERY scary.

    Microsoft should come out and say exactly what the test patch actually effects/does, not just say that they are removing it. Its already in the wild and already effected public systems so therefore WAY too late for Microsoft to live in denial about it. I'm surprised that The Reg allowed themselves to be brushed off with corporate hyperbole instead of pushing Microsoft for these details, but I'm not even slightly surprised that Microsoft are still doing their usual "you don''t need to know what we are actually doing to your property" coverup instead of doing the real professional/correct thing.

    It just boggles my mind how evern large companies and so-called 'professional' IT managers can see this stuff happening then still choose to buy more Microsoft products to run their entire businesses on.

    1. 2+2=5 Silver badge
      Joke

      > Microsoft should come out and say exactly what the test patch actually effects/does, not just say that they are removing it

      It removes the word 'affect' from the system dictionary.

      1. Anonymous Coward
        Anonymous Coward

        "It removes the word 'affect' from the system dictionary."

        The original appears correct: "effects" = "makes happen".

        The alternative is also viable: "affects" = "changes". However the "/does" suggests the author was trying to make it clear they really did mean "effects".

        1. Anonymous Coward
          Anonymous Coward

          'Effect' is a noun... 'makes happen' is an action (as in verb)

          'Affect' is a verb.

          1. Anonymous Coward
            Anonymous Coward

            effect

            ɪˈfɛkt

            noun

            1.

            a change which is a result or consequence of an action or other cause.

            "the lethal effects of hard drugs"

            an impression produced in the mind of a person.

            "gentle music can have a soothing effect"

            2.

            the lighting, sound, or scenery used in a play, film, or broadcast.

            "the production relied too much on spectacular effects"

            3.

            personal belongings.

            "the insurance covers personal effects"

            verb

            verb: effect; 3rd person present: effects; past tense: effected; past participle: effected; gerund or present participle: effecting

            1.

            cause (something) to happen; bring about.

            "the prime minister effected many policy changes"

          2. Trixr

            Actually, effect and affect are both nouns and verbs. Your explanation is incorrect.

            You can "create an effect" (noun). You can "effect a change" (verb).

            "x affects y" (verb). "A flat affect" (noun).

            Note that the last use of "affect" is not the same as "effect". If you said "a flat effect" you might be saying that the paintwork on a 3D object makes it look flat. "A flat affect" means an observed expression of emotion (used by psychologists).

            1. Youngdog

              Trixr/AC - Effect vs. Affect

              This debate is the reason IT professionals, who generally came from a maths background and not languages, started using 'Impact' instead of both to spare their blushes!

              1. Terry 6 Silver badge

                Re: Trixr/AC - Effect vs. Affect

                Believe me, getting this wrong is common. Very. Not just in the IT world.

              2. Anonymous Coward
                Anonymous Coward

                Re: Trixr/AC - Effect vs. Affect

                "IT professionals, who generally came from a maths background and not languages, started using 'Impact' "

                ...or "bork".

            2. Kubla Cant Silver badge
              Headmaster

              The OP wrote "already effected public systems". If he's using effect as a transitive verb then that would mean that Microsoft, or their patch, had created or brought about public systems. Notwithstanding its etymology, effect is rarely used with a concrete object; in fact its use as a verb seems to be confined to objects that have a sense of "change" or "result". This suggests to me that the word intended was affect.

              1. Anonymous Coward
                Anonymous Coward

                Am I the only one to not give a shit about the english and be more interested in the content?

                Serious stuff guys, maybe this is a "hidden encrypted" update that wasn't.

                1. Peter2 Silver badge

                  "It just boggles my mind how evern large companies and so-called 'professional' IT managers can see this stuff happening then still choose to buy more Microsoft products to run their entire businesses on."

                  Because large companies (or small companies) employing IT Professionals have WSUS (Windows Server Update Services) installed, which lets us choose which patches to install on our desktop estates.

                  Therefore, firstly we wouldn't have approved such a patch.

                  Secondly, even if we did approve the patch then it would have been deployed to the "canary" group first. (see canaries in coal mining) and we'd not have had a serious widespread problem even if it killed computers because it wouldn't have been deployed to essential staff.

                  Thirdly, everybody in the industry releases buggy software and screws up patches.

                  1. JustNiz

                    >> Thirdly, everybody in the industry releases buggy software and screws up patches.

                    Not really true. There are plenty of industries that can't afford to get it wrong even once, have unavoidable processes and do appropriate levels of testing.

                    Even if it was true, the real point isn't that someone made the mistake, but how professionally they recover from it and do the right thing after.

                    Not properly communicating what actually happened including explaining what the patch actually does is (yet another) highly unprofessional, blatantly arrogant cover-up by Microsoft instead of them doing the right thing.

                  2. jelabarre59 Silver badge

                    > Thirdly, everybody in the industry releases buggy software and screws up patches.

                    But the very fact that MS is going to insist upon forced, non-optional patches in the future means EVERY patch they release from now on is going to be under intense scrutiny. If they insist upon their current path, then nothing but 100% perfection will be considered acceptable. If they cannot guarantee that, then they *MUST* allow end users to opt out of updates. End of discussion.

                2. sabroni Silver badge
                  Stop

                  re: Am I the only one to not give a shit about the english

                  No. It looks like the start of this thread is full of grammatical nit picking purely to distract from a serious issue. MS sock puppets in false flag grammar outrage?

                3. Mark 75

                  While you have the right not to care about the English, other people do have the right to care about poor English, so get off your high-horse

        2. johnnybee

          Wasn't going to add to the pedantry, but (sorry OP)....

          The OP later used 'in the wild and effected public systems', indicating that the difference was not clear in OP's head.

        3. Christopher W
          Paris Hilton

          Downvoted for accuracy?

          Not by me. AC, you the real comments MVP.

          (Paris can tell the difference, unlike some of these commentards)

      2. Adam 1 Silver badge
    2. Jack of Shadows Silver badge
      FAIL

      Microsoft is getting too Oracle-y for my tastes.

    3. BobChip
      FAIL

      Enough!

      Microsoft seem to have an endless supply of "last straws". It is painfully obvious that they can no longer be relied upon to provide products which are fit for use, and that they cannot be trusted with user's data. Their remaining customers must be getting close to despair.

      I don't have a problem with any of this, because I abandoned MS completely about six years ago. But even from the standpoint of an outside observer, MS's behaviour beggars belief.

    4. Anonymous Coward
      Anonymous Coward

      @JustNiz

      As much as I hate MicroSoft, all I can say is: Shit Happens.

      We had a tech at the company I am at (hence the Anon) that, instead of causing the encryption suite to decrypt the laptop HDD, they told ALL of the laptops in the organization to decrypt the HDD.

      They traced it back to a poorly configured group membership in a product I wont name, but it's initials are ePO.

    5. DrBobMatthews

      Typical of Microsofts increasing arrogance over the last few years. From the "We know what is best for you school of failed PR executives" Every update that comes from Microsoft is examined, checked for viruses and scrutinised before anyone in my company is allowed to install it. As soon as a working alternative to Microsofts bloatware is available, Microsoft will be dumped.

  2. td97402

    Mistake or Hack?

    So was it a mistake on their part or did somebody actually pull off a major hack? After all their BS, doublespeak, spin and deception the past couple of years I am to the point where I am not sure I believe anything Microsoft says anymore and that is really too bad. I used to be an MS evangelist.

    1. Pompous Git Silver badge

      Re: Mistake or Hack?

      Have an upvote. I guess being a (lapesed) MS Certified Professional/Solution Provider counts as an evangelist. MS seem determined to keep me persisting in my conversion to Linuxen.

    2. joed Silver badge

      Re: Mistake or Hack?

      new MS for you.

      Just yesterday I installed 10 on brand new box. I cleaned it up/silenced it and then I realized that this system not only has little to offer to me but since I can't trust it I really have no use for it.

      As for the update - little surprise. With 7 on extended life support MS will be actively sabotaging it to convince masses to move over to new, "better" offerings (that also suit their vision). Whoever hasn't disabled auto updates yet, got another warning shot now.

      1. LucreLout Silver badge

        Re: Mistake or Hack?

        @Joed

        With 7 on extended life support MS will be actively sabotaging it to convince masses to move over to new, "better" offerings (that also suit their vision). Whoever hasn't disabled auto updates yet, got another warning shot now.

        Here, amongst us, I agree with you. Though I'm already on Win10 myself, and while Edge is not ready forproduction yet, the rest isn't too bad (privacy settings adjusted).

        However, thinking about the wider world.... most people buy a PC, plug it in, get the internet up and running, then never look at it again. BotNets would not exist were these people forced to update their OS and software patches, and scan their systems.

        Generally I don't favour compulsion for a great many things, but we've let things run unhindered for 20+ years and they're not getting the message. So, regrettably, I want those people forced to update, forced to have a firewall, and forced to have trojan/virus scanning enabled.

      2. BobChip
        Flame

        Re: Mistake or Hack? Defaults auto-reset by updates!!!

        Joed,

        "Just yesterday I installed 10 on brand new box. I cleaned it up/silenced it and then I realized that this system not only has little to offer to me but since I can't trust it I really have no use for it."

        I have also tried a test Win 10 install, overwriting Win 7 Pro on a redundant (Dell Latitude) laptop. I also cleaned up and reset the defaults to give me as much privacy / security as possible. Result? A not very good Win 7 install, as far as I could see, and nothing to make me want to switch back from Linux to MS.

        HOWEVER, while I was trying it out, a slew of MS "security updates" came through and installed themselves. To my astonishment, I found that the updates had reset all my privacy settings to the system defaults, overwriting my preferences - presumably this constitutes MS's idea of security, though it is certainly not mine. A quick trawl of the net suggests that I'm not the only one to have this happen, or that this behaviour is some peculiar property of the old laptop I was using. Who the hell could ever trust a manufacturer who can do that to you?

        The HD has been reformatted and the laptop now runs Mint 17 as a spare PC for one of the kids at Uni. End of story.

      3. HurdImpropriety

        Re: Mistake or Hack?

        LOL... insinuating that MacOS is better? Insinuating that there are no defects or procedure slips in any other development process ?? Welcome to AGILE .

      4. jelabarre59 Silver badge

        Re: Mistake or Hack?

        > ...With 7 on extended life support MS will be actively sabotaging it to convince masses to move over to new, "better" offerings...

        Ah, so MS is encouraging people to migrate to Linux, then.

    3. Anonymous Coward
      Anonymous Coward

      Re: Mistake or Hack?

      If it was a hack, Microsoft would cover it up.

      Reme!ber the massive Xbox live hacks that were widespread, with accounts emptied. Microsoft didn't want the bad press they generated over Sony coming back at them. The news was buried using thir mighty cash reviews to convince news sites they didn't want to run the story, not with advertising spending review imminent

      1. Anonymous Coward
        Anonymous Coward

        Re: Microsoft didn't want the bad press they generated over Sony coming back at them

        Right. Because MS installed the Sony rootkits.

  3. Gatt

    Upgrade or get garbled

    It's actually Microsoft's latest strategy to get people to update to Windows 10

    They will bombard them with garbled updates until the system is upgraded...

    1. Anonymous Coward
      Big Brother

      Re: Upgrade or get garbled

      That's no gobbledygook… it's cyphertext.

      It's too coherent to be gobbledygook. The domains are all appropriately punctuated (only dots, occurring in typical distribution), invariably https protocol and all carry the expected suffixes. Look closely Hans, you'll see wilful obfuscation. Encipherment or simply a private ( .mil would seem likely? ) DNS

      I have a very bad feeling about this.

      Where's that deathstar icon when you need it?...

  4. Chika
    FAIL

    I hate to say this, but...

    Well, what else could I say? This is why I wouldn't trust Microsoft's update setup as far as I could could comfortably spit a rat.

    (And this from somebody that is currently typing from a test Windows 2000 system! Yeah, sometimes I just ask for it!)

    1. Doctor Syntax Silver badge

      Re: I hate to say this, but...

      A W2K system should be relatively safe. It isn't going to get updates.

      1. John Tserkezis

        Re: I hate to say this, but...

        "A W2K system should be relatively safe. It isn't going to get updates."

        It isn't going to get drivers for modern hardware either.

        1. Chika

          Re: I hate to say this, but...

          "It isn't going to get drivers for modern hardware either."

          Very true, but then the system in question was running in a Virtualbox, so it had very little to worry about as far as drivers were concerned, and it worked quite well considering the amount of time that has passed since support ended. Ah, well, I'm safe back on my openSUSE system now.

          Misty-eyed nostalgia... now where's the icon for that, then, Reg?

    2. chivo243 Silver badge

      Re: I hate to say this, but...

      I love Win2000, I might just spin up a VM with it today for old times sake ;-} I too am skeptical of MS updates, especially for desktop systems. I'm glad I can count all MS desktops I must manage on two hands...

  5. iMap
    FAIL

    'Rogue Patch'...

    probably another attempt to install telemetry update for Win7 users to migrate to Win10 disguised as a language pack!

    I ain't movin' (until 2020 that is) then it's linux across my network...

    unless MS get rid of that stupid tile system UI

    1. King Jack Silver badge
      Facepalm

      Re: 'Rogue Patch'...

      So the spying part is fine... just get rid of the tiles? um, OK.

    2. Anonymous Coward
      Anonymous Coward

      Re: 'Rogue Patch'...

      Classic Shell with its Classic Start Menu option gets rid of those tiles nicely. Just be sure to turn off each tile first or they will still update in the background, wasting network bandwidth.

  6. Henry Wertz 1 Gold badge

    Was it really a test?

    Was it really a test? I'm rather suspicious of the garbage URLs.

    If it was:

    NOTE TO MICROSOFT: Per RFC2606, .test and .example top-level domains are set aside for tests and examples. example.org, example.net, and example.com domains are also reserved for tests and examples. All these domains are held by IANA (Internet Assigned Numbers Authority) so they will never be assigned. You are not to use (random crap).org, .edu, or .gov, because they (theoretically) could be assigned at any time (and, in fact, if these links had been kept up, scammers could have registered at least the .org domain, while they could never have gotten an (whatever).example.org domain.)

    Second note: Perhaps you should put "test update" somewhere in the update description, so if it's leaked it's not so mysterious.

    1. Anonymous Coward
      Big Brother

      Re: Was it really a test?

      Stupid foboff reeks that familiar reek of the NSAFT _NSAKEY stupid foboff.

      So, it would appear NSAFT/US.gov has private obfuscated infrastructure in place for distributing special private patches among it's other strategic assets. Hardly surprising. The halfwits appear to have accidentally pushed one out over the public pleb-and-foreigner system. Hardly surprising. Said special patch wasn't installed on the great unwasheds' unblessed systems. Hardly surprising. NSAFT will now presumably have to release that formerly special, was to be private, patch for a useful backdoor out to the riffraff in order to convincingly brush off the little incident. NSA now down one 0-day. No biggie. Nothing to see here. Move along...

    2. DrBobMatthews

      Re: Was it really a test?

      You must be totally deluded if you think that the children employed by Miccrosoft can read! They are not software systems developers or software engineers. Just a bunch of rotten PR execs and sleazy Marketing guys.

      1. jelabarre59 Silver badge

        Re: Was it really a test?

        > You must be totally deluded if you think that the children employed by Miccrosoft can read!

        They can read, just not English. Perhaps it's written in Hindi?

  7. Dan Paul

    Just the thing to....

    send the tin foil hat brigade over the edge and then some.

    Not that it might even be warranted suspicion, given the way they put .mil, .edu and .gov extensions on the support links.

    By the way iMap, just once you might try Classic Shell (It's free at www.classicshell.net) and see what it does for even Windows 7 though it works great on all more recent versions of Windows and lets you make customizations that you will never be able to do without such a program.

    It solves every case of Win 8, 8.1 and 10 buyers remorse I have ever seen. Most people say "Great, you put Windows 7 on my new computer! Now I can use it". OR you could continue to whine and complain and threaten. And I don't sell for them or get a kickback.

    1. dan1980

      Re: Just the thing to....

      @Dan Paul

      There are two problems here:

      1. That the updates was released accidentally - that is very concerning with the move to forced updates in Win 10 but worrying even without that.

      2. The nature of the text.

      Problem 1 is clear and being concerned about it should be a natural response for any right-thinking IT bod.

      Problem 2 is presumably what prompts you to invoke the 'foil hat' label. I see that but this is concerning enough to be at least a little skeptical. As someone above said, it's clearly cipher-text rather than just random characters and it's the URLs which are most concerning.

      I am not overly troubled by this but I think there is enough to worry about here to warrant a much more detailed response by Microsoft.

      1. Dan Paul

        Re: Just the thing to....

        Dan1980,

        It was a botched update they already pulled from circulation.

        That issue was explained by other posters and websites quite sufficiently and convincingly.

        However, the "Tin Foil Brigade" got together with the "Black Helicopter Troop" to announce some big conspiracy and cover up by the ever more "malicious" Microsoft.

        Ganging up on anyone who criticizes an anti-Microsoft rant seems to be de rigueur here and rather Apple-ite in nature. Who's acting like Scientologists' now?

        16 downvotes is quite enough proof of that accusation.

        1. dan1980

          Re: Just the thing to....

          @Dan Paul

          Just speculation - as I can't speak for others and I didn't down-vote you - but perhaps the problem was that you dismissed peoples' concerns by labelling them as akin to conspiracy theories.

          One big problem in today's world is that it has been proven that companies like Microsoft have been working with the government to provide access to user data in secret and on a massive scale. Whether MS were compelled to do so or not is largely irrelevant - it happened.

          I don't, personally, believe that this update was anything untoward but I don't automatically discount the views of people who are worried that it wasn't because they are justified in being skeptical and suspicious. Moreover, (recent) history has shown that bad things happen when people are not skeptical, when people take the "don't be silly; it would cost way too much to do that" approach or assure everyone that "they have better things to do that spy on us".

          Maybe that makes me a foil-hat wearer but, while much paranoia is unwarranted, it is a proven fact that being paranoid doesn't mean that you aren't right too.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019