Quick! Rush out a new fix without testing it!
...and repeat, ad infinitum...
Microsoft on Tuesday posted KB4464330 (Windows 10 1809 Build 17763.55) in an effort to halt the damage done by last week's Windows 10 version 1809 update, but it hasn't quite worked. Reports of update inflicted file deletion and loss of internet connectivity for Microsoft Edge and Microsoft Store apps have died down. But users …
They've been doing that pretty much since Worries for Windows. Even though it became very much obvious during Windows Vista, they achieved enough lock in to survive that.
I'm very unimpressed with their software, but you must admit that their machinations to keep their claws into a market the quality of their software doesn't deserve for some 3 decades is impressive. If they spent 20% of that investment and effort on the actual products they would not have to troll forums..
This week’s Win10 update ‘only’ deleted my Audio drivers on a modern HP lappy, matter of minutes to d/l 300mb & install successfully from hp.com, as all the built in ‘repair’ tools in the “Service called Windows Ten”, formerly an OS, refused to acknowledge there was any problem with audio.
Likewise....everyone loves waking up to their laptop, starting a teams meeting and then realising there are no audio drivers because Microsoft have decided it should be deleted.
Yet literally everyone accepts this level of shoddiness "well it is kind of free", so is MacOS and not once have i updated my 8 year old Macbook and had it forget how to play sound!
"so is MacOS and not once have i updated my 8 year old Macbook and had it forget how to play sound!"
Funny you should mention that but certain models of iMac had exactly that problem after updating to a particular MacOS, I forget whether it was Sierra or the one before that but essentially all the iMacs we had of a particular model stopped being able to output sound via the internal speakers following the update.
To be fair it was a trivial fix, plugging something into the headphone jack and unplugging it fixed it, but the principal is the same, it should never have happened.
In some ways you could blame Microsoft less for this, they can't realistically test Windows updates on every conceivable bit of hardware that it may be running on. Apple on the other hand have a much smaller set of hardware to test, and they make all of it!
Did the same thing to my ASUS. Exact same scenario. Wife was looking for a new laptop so I scanned some recent reviews and found a log of Lenovo users complaining of what looked like the same thing.
Why is windows trashing, apparently across multiple brands, sound drivers? Have they no QA? (Yes, I know, rhetorical question.)
From the article: "The update debate has divided security experts about whether automatic updates are more trouble than they're worth"
Obviously more 'cons' than 'pros'. See icon.
But, will Micro-shaft do what the CUSTOMERS want? (let alone security experts)
(snarky, hysterical, uncontrollable laughter follows)
You do realise that's like buying a car and the brakes fail then blaming the owner because another model had issues with the same software. I'm not a fan of either to be honest from personal experience (Windows 10 that is and HP to some extent) but you can't generalise like that.
Every OS and hardware manufacturer has had problems over the years.
I'm not sure it was ever best of breed (really ancient Laserjet printers were good I suppose) but if it was, it was a very, very long time ago indeed.
Every manufacturer has their problems but very few have been so consistently poor in my experience than HP, particularly with laptops. The servers are OK I suppose, if you forget about that time when they said you'd need a support contract in order to get continued firmware updates...
It's outrageous IMNHO that Microsoft can cause untold damage to millions of people and businesses worldwide and escape all accountability for their negligence in not properly validating OS and software updates. These preventable losses in the many millions are a result of pure negligence by Microsoft. Why is it that consumer protection agencies have allowed Microsoft and other companies to wreck havoc on PCs via blatant neglect when these updates can be validated prior to distribution? If there is no accountability for damages then there is little incentive to deliver proper updates.
Businesses would be stupid to allow automated patching like this.
at a minimum TEST -> PILOT -> PROD
While MS are cuplable for a bad patch, the business is responsible for ensuring it does not cause problems for their staff. Very easy to do if you are using WSUS, BigFix, LANDesk
If you follow the minmum of a 3 step cycle and expose more machines each time, your TEST and PILOT phases - if correct - should cover most of your client and server configurations (of course, how you get these phases populated is up for discussion)
The above is all well and good if you're running a business
But if you are Mr Average HP owner running win10 home edition and suddenly your laptop is hosed.... what are you going to do about it?
Apart from have to pay someone to fix it.
Maybe thats why m$ dont do as much QC work to their software.. because they get a kickback from every mom and pop computer store for fixing 1000s of pcs when auto update hoses them...
"Not all businesses have on staff IT people"
And that is the problem, if you are going to operate a complex machine you need to hire experts who know how to properly maintain it.
Despite what microsoft claim, windows is simply not suitable for non technical users - keeping it running reliably and securely is extremely difficult and requires highly skilled (ie expensive) people to do so.
hogwash. Windows 7 ran happily with updates set to automatic. I cannot think of an updatr that caused as much damage as 1809 w10 update.
A small garage running an MOT PC, an accounts PC, a diagnostic PC and a general office PC would not have extwnsive IT staff. They would buy preset up dells, use a business internet line with managed firewall and away you go.
w10 is a nightmare. it auto updates major releases and has little rollback capability. The inbuilt w10 backup is shite, you need to use the legacy backup (or veeam). provisioned apps are amongst the most stupid things available, especially baked in shite in lower than enterprise versions.
W10 is a train wreck and hopefully a few large businesses will take on a linux rollout to wake MS up.
I’m not kicking back squat to micro$oft! But I sure catch a lot of grief from customers when I have to charge them to fix their computer after a Windoze 10 update borks their computer. Having to wipe and reload is NOT an acceptable answer to a bad update.
> They've got a bunch of keys to launch the browser, printer, calculator, etc...
The last W10 update hosed the key I used, I found it very useful having a key for controlling the screen brightness rather than having to going through all the settings menus. But since it was useful MS decided it would no longer be allowed and stopping it working.
The last W10 update hosed the key I used,
As per that link my setup was in 'C:\SWSETUP\APP\Applications\HP\HPHotkeyS_SS9NB2\220.127.116.11\src'. Ran that, rebooted and keys were working again. If can't change brightness even from display settings, manually update the graphics driver.
These keys (sometimes called media keys) have keycodes attached to them and the OS itself is supposed to recognize these (such does Android). It's pretty much Windows's fault.
But writing a whole DEVICE DRIVER for that is, as you said, truly nonsense.
recording keystrokes? If that's the case, what's different about Microshaft slurping your activity and sending the data back to Redmond? You know, so "the store" can offer you "smart suggestions"...
From Joe Belfiore's infamous keynote speech at a dev conference shortly before win-10-nic released...
"As I'm using my PC, on the client we know which apps you're launching, and which apps you're installing, and so we're able to communicate with the store and bring down suggestions that are personalized for ~you~, to help users learn about great new apps that are available for them to try out on their PC"
In any case, I am starting to think that maybe HP has had WAY too much of Micro-shaft's coolaid...
[they would do well to ship with Linux as their primary OS, instead]
"This is why auto-installed updates are so dangerous," observed Steve Bellovin, a professor in the computer science department at Columbia University, via Twitter.
But Washington Post reporter Barton Gellman defended auto-updates, arguing they do more good than harm.
So lessee here...on the one hand, you have a CompSci professor (who fully understands the Second Law of Computer Science: "You can't change anything without fucking something else up") who thinks cramming updates down one's throat is a bad idea. On the other hand, a newspaper hack (who likely can't tell the difference between Windows Explorer and Internet Explorer) saying its great.
Hmmm...I wonder who I should believe...
Barton and Alex miss two major points:
1) Earlier Windows versions received mainly small security updates and the odd bug-fix. Windows 10 receives huge "feature" updates every few months. There is no security benefit to new features, just the chance of disruption.
2) Modern Windows 10 updates do not have the same stringent testing and QA that updates for earlier Windows enjoyed. Not saying MS never released buggy updates previously, but you have to admit that problems are more common now.
Nobody is arguing much about security updates. The issues being faced by the majority of people however are coming about when big "Feature" updates are forced upon them. These don't provide security, but do leave a trail of borkage in their wake.
Barton Gellman is a little bit more than an average 'newspaper hack'. He led the Washington Post's coverage of the Snowden leaks, interviewing Snowden personally, and quite probably has had to deal with Information Security in an up close and personal way as part of that process - most of which he either can't (or won't) talk about. It's worth reading his Wikipedia profile.
This is not to say his real-word experience trumps Steve Bellovin's knowledge*, but I would say Gellman's background shows signs of at least having relevant knowledge. Purely in journalism terms, he has fairly good credentials:
Gellman has contributed to three Pulitzer Prizes for The Washington Post, winning as an individual, team member and team leader.
I wouldn't characterise him as a hack, and I'd lay good odds on him knowing the difference between Internet Explorer and Windows Explorer.
The actual issue is an interesting one; I suspect a nuanced answer might be appropriate: the average user is best served by applying updates as soon as practicable after they have been applied and found to be good by experts. This allows experts to use their expertise in recovering from unexpected glitches, and the population of average users benefit from across-the-board improvements in security. I suspect Microsoft, in part, moved to forced updates because so many people did not update, exacerbating security vulnerabilities. We all know of devices without firmware updates, even if they are available, because most people don't regard applying updates as important. Microsoft, in theory, should be ensuring that updates go without a hitch (i.e. they are the 'experts' people wait for): and for the most part they do, but failures are, quite rightly, high profile.
I think a good argument can be made for automated updates improving the general level of security, but I would also say that experts should be given the tools to opt out of updates where it is, in their opinion, necessary.
*Steve Bellovin's blog (SMBlog — Steve Bellovin's Blog) is always an interesting read for me. I have learned a great deal from it.
In general keeping the OS and applications updated is a 'good idea/. But the devil is in the details as to the precise installation timing. Some have to vet hardware or software to be sure something mission critical will work afterwards. Others need to wait to when they have some free time so the update does not interrupt work. Also, if there is no active exploit updates or serious security risk updates can be delayed to more convenient time. The idea that one must always update toot suit just because they are available is unrealistic and possibility catastrophic for the user. But must advice is not tempered with any clue about the real world but is only applicable to some academic dream world.
Minor nit. The first thing that generally happens when updates are released (okay, inflicted) is the rush to reverse the update to find what vulnerabilities are patched for by the malware communities. The tools are readily available, I've got most of them here, it's more a matter of how much effort is required for a particular level of return.
Therefore, if those vulnerabilities weren't being actively exploited, you can be assured in a few days/hours it will be actively exploited.
Biting the hand that feeds IT © 1998–2019