back to article Microsoft adds 'non-security updates' to security patches

Microsoft has added “non-security updates” to an Update Tuesday patch. MS16-023, billed as a “Security update for Internet Explorer” and issued on March 8, includes six “General distribution release (GDR) fixes”. Five are innocuous as they address glitches like “Empty textarea loses its closing tag in Internet Explorer 11 …

Bronze badge

Re: As many PC users think IE is the Internet...

"There hasn't been a monopoly on the desktop since Apple went Intel. No-one is stopping you driving a Ford Cortina or a Sierra, but Ford quite sensibly won't sell you one and your safety will be compromised by modern standards. It's a Mondeo v5 or nothing (from Ford)."

What if Ford were taking in your V4 Mondeo and giving you a V5 for free but asking you to have a big sign printed on the side or the car and your house saying "I love ford"?

4
1

Re: As many PC users think IE is the Internet...

(Hoping I've learnt something from Worral).

I think the desire on the part of a vendor for a monopoly is entirely natural, more profit, but the market naturally suffers if the monopoly is reinforced by unreasonable rules, bonuses or other behaviour.

If the monopolist raises prices too high, or drops quality too low, or restricts supply to greatly, et. then the market should respond by allowing other suppliers to come to market.

2
0

...saying "I love ford"?...

I'd take the upgrade. £20k+ of car for putting a sign on my wall? I'm a businessman. I'm taking that deal.

Having said that, the seven Win10 machines here have shown no signs of redecorating my house (so far). All they're doing of any significance to me is running faster and requiring fewer reboots.

I have a Tails VM if I want to browse exotic porn or access embarrassing web sites like the Daily Mail.

4
10
Silver badge

Re: As many PC users think IE is the Internet...

>>What if Ford were taking in your V4 Mondeo and giving you a V5 for free but asking you to have a big sign printed on the side or the car and your house saying "I love ford"?

That would be so fucking cool, a new car for an old one and advertising, I'm in!

Parking the same model of car on your driveway for 20 years already says the same thing - this is just getting paid for it.

As a side note, I never get any upgrade to 10 stuff on my Window system, haven't for ages and ages. Must be because I run W10, saves so much effort trying to stop it installing. Now most of the bugs are sorted, it is stable, no reboots required for dodgy IE processes in W7 (which I mostly loved), Edge crashes occasionally but remembers every tab in every window and puts them back in no time, (although not exactly where they were) even after a reboot - never, ever happens with Firefox on my Ubuntu system "Well, that's embarrassing...".

2
11

Re: As many PC users think IE is the Internet...

@ Lysenko Yes but the damage is already done. Most software today only runs on Windows, e.g. try programming a PLC on a Mac.

@Tim Sorry I think I misunderstood you, I downvoted your first comment so I'll upvote your second!

1
2
Facepalm

Re: As many PC users think IE is the Internet...

What kind of free market is it when it's next to impossible to buy a PC without paying the Microsoft tax?

18
2
TRT
Silver badge

Re: As many PC users think IE is the Internet...

Yeah, Ford came and took my V4 in the middle of the night and stuck a V5 on the driveway, but I can't and don't want to drive the f***ing thing because they've moved the controls behind the side-window de-misting vent, done away with the gear stick, painted the interior in vivid hues (as in *heeeewwwwssss*) of 8-bit vomit, don't trust me to even change the tyres myself anymore, upload all the GPS tracks, sat-nav data and dash-cam footage to their servers and only let me stream music to the ICE.

28
0

try programming a PLC on a Mac.

I program PLCs and other embedded stuff all the time. On Linux. That's the reason I mostly use Linux. I could use Windows if I wanted to, but it just makes things more awkward since if there is an embedded OS at all it will be Linux, FreeRTOS or VxWorks. Some of our competitors use WinCE (and descendants) though. I take your point in those cases.

9
1
Silver badge

@massivelySerial.

I upgraded my windows OS for free, from 95, to 98, to xp, to 7.

Those of us who know how to use SLIC and other means don't pay M$ anyway.

If M$ are going to pull shit like this, then whilst ever I can obtain their OS for the grand price of nowt, I will do so.

1
5
Silver badge

Re: As many PC users think IE is the Internet...

> You complain about socialism being stupid

No he didn't. He stated that socialism was difficult to eradicate and that stupidity was difficult to eradicate and that they were alike in this respect, and possibly that only in this respect are they alike.

He made no indication about whether he liked socialism or not, or whether it was a good thing or bad.

However, he did imply that failing to understand what was written was one of the fundamental stupidities.

7
5
Silver badge

Re: As many PC users think IE is the Internet...

> All partakers in a capitalist free market desire to be monopolies don't they, if they want to make more money than others and have more customers?

That is the doctrine of Bill Gates where 'winning' means that everyone else (including the customers) lose. But not everyone in the market wants to be a monopolist. Apple, for example, can make more money (profit) without being the only one in the market by the simple method of being the best, it leaves the low end to many others.

9
0
Silver badge

Windows at work meant I wanted to avoid it at home

"it is time to realise that people who spend 8 hours a day working on a windows PC for their job, are familiar with Windows and applications, so they want windows at home too."

Not quite so fast.

I started looking for an alternative to Windows for home precisely because I was using a Windows PC for so many hours a day at my job. I specifically did not want to repeat the experience at home.

2
0
Silver badge

Re: As many PC users think IE is the Internet...

"Surely - in an admittedly over simplistic view - a monopoly is sometimes going to be the end of a free market if a free market is many people starting with similar products? All partakers in a capitalist free market desire to be monopolies don't they, if they want to make more money than others and have more customers?"

Monopoly is ultimately the end game of capitalism (thus I sometimes call it "Winner Economics"). I compare it often to a poker tournament. Everyone buys in, but eventually the competition whittles down as people bust out, and if you keep at this long enough, you eventually have the last one standing: a de facto monopoly.

0
0
Yag
Devil

Well, upgrading to Win 10 is vital for security.

Security of Microsoft's long term business plan, of course.

20
1

Stating the Obvious

This seems to be to get around people who have taken control of Windows Update to prevent the crapware for Windows 10. But, in all likelihood, if someone is that savvy to control updates themselves then they probably aren't using IE11 (e.g. I use Firefox). So exactly how is this strategy going to work?

As an example, I've switched off all automatic updating in my W7 partition (which I use for one or two things on my laptop, the rest of my work is done via Linux Mint), and now manually kick off the update process and check through the available updates to deselect and hide anything I don't want. IE11 doesn't get a look in.

14
0
LDS
Silver badge

Re: Stating the Obvious

The problem is the IE engine is also used in other applications. So if you don't patch it, you may be vulnerable even if you don't use IE to browse the web.

Sneaking something like that into a security update it's truly a sleazy move. Nadella and the Bollysoft crew are utterly unable to understand the long term costs of their behaviour.

34
0
Mushroom

Re: Stating the Obvious

Yep. LDS gets it. You only have to go to "Internet Options" in Internet Explorer to realise just how deeply interlinked Internet Explorer and Windows are. Some settings even go as far as telling you that you need to RESTART YOUR ENTIRE PC in order for said settings to take effect.

The fuck?

And don't even get me started on those bloody security zones.

And proxy settings.

And maker knows what the hell else.

18
2
Silver badge

Re: Stating the Obvious

"The problem is the IE engine is also used in other applications. So if you don't patch it, you may be vulnerable even if you don't use IE to browse the web."

Indeed. When I went through the updates, I saw 3139929 was for IE, but let it install even though I don't use IE precisely because of other stuff using the engine.

And, as the article suggests, I didn't notice the sneaky payload those bastards at MS added to it - but even if I had, I'd still have let this one install because of the above. Catch 22*.

* Until I have time to sort out a spare machine, install a suitable Linux variant on it, and either find suitable equivalents of all the software I need, or ensure I can get existing stuff running.

4
1
Silver badge

Re: Stating the Obvious @Aniya

So you mean YOU don't know what and how to configure IE to stop all that shit?

0
6

Re: Stating the Obvious

The problem is the IE engine is also used in other applications. So if you don't patch it, you may be vulnerable even if you don't use IE to browse the web.

Sneaking something like that into a security update it's truly a sleazy move. Nadella and the Bollysoft crew are utterly unable to understand the long term costs of their behaviour.

But, I can let the IE11 patches go in. Because I don't open IE11 to use it for browsing, I don't see how I'm supposed to see the advertising for Win10...

0
0
Silver badge

Re: Stating the Obvious

"Until I have time to sort out a spare machine, install a suitable Linux variant on it, and either find suitable equivalents of all the software I need, or ensure I can get existing stuff running."

You'll be in for a long wait, I reckon. Too much software is WINE-unfriendly and has no Linux counterpart, which is why I had to come back to Windows.

0
0
Anonymous Coward

Explanation

Coming in a few days:

"Oops, this was a mistake, we never intended this patch to get included with security updates. It has been removed as part of that patch group." [Now that we've got a couple million more people to accidentally switch.]

20
0
Terminator

It didn't happen to me

Ran the updates the other night. For whatever reason, KB3146449 wasn't installed on my machine.

However, KB3035583 was included in the list of "Important Updates" again FOR THE FIFTH TIME.

I keep unchecking it and hiding it. It keeps coming back like pernicious cancer.

Here's my compiled list of unwanted WX and telemetry "updates" which I keep an eye out for. You can put these in a batch file and run as Administrator:

wusa /uninstall /kb:2952664 /norestart

wusa /uninstall /kb:2976978 /norestart

wusa /uninstall /kb:3022345 /norestart

wusa /uninstall /kb:3035583 /norestart

wusa /uninstall /kb:3068708 /norestart

wusa /uninstall /kb:3075249 /norestart

wusa /uninstall /kb:3080149 /norestart

wusa /uninstall /kb:3146449 /norestart

I have W7, so there are actually several more which W8it users should worry about. Once you run the batch, reboot, then launch WU, Search for updates, and manually hide each of the KBs which come back. That'll keep them at bay until microcrap sends the secret signal to unhide them again, heh.

16
0
Silver badge
Devil

Re: It didn't happen to me

I don't know what that latest Patch Tuesday contained but the computer was there for two hours with "do not turn off this computer... installing update 1 of 2..." on the screen.

I'm going to have to go through the update history now to see if it was installed or not. That'll teach me to value my time and think I can get away with it by allowing automatic updates with optional updates disabled.

12
0
Silver badge

Re: It didn't happen to me

Yesterday I was teaching Javascript, delegates ran a mix of Apple and MS Windows machines. Someone's PC (running MS Windows) decided to update and was unusable for 1.5 hours. The lady just accepted it - 'it happens'.

How on earth are you supposed to run a business when some of the kit randomly goes on strike ?

32
0
Bronze badge

Re: It didn't happen to me

"How on earth are you supposed to run a business when some of the kit randomly goes on strike ?"

You don't. You have proper update systems in place to stop it happening. I am in an office with 18 Windows and 2 Apple PCs and this doesn't happen here. Why? Because they are all configured correctly. The issue here isn't Windows but the IT department behind that persons company,

4
21

Re: It didn't happen to me

@AustinTX

If your using Win 7, why do you have a Win 8/8.1 KB listed?

KB2976978 is the Win 8/8.1 'Compatibility update', KB2977759 is the Win 7 version.

I've also got KB3083710 and KB3112343 on my blacklist, but otherwise have essentially the same list as yourself (I'm also on Win 7).

0
0
Silver badge

Re: It didn't happen to me

"You have proper update systems in place to stop it happening. I am in an office with 18 Windows and 2 Apple PCs and this doesn't happen here. Why? Because they are all configured correctly. The issue here isn't Windows but the IT department behind that persons company,"

Your "I'm alright Jack, so everyone else should be too, unless they're stupid" attitude is fundamentally flawed.

Don't forget that a business can be small enough that the people working there don't have the requisite IT knowledge, and the business itself doesn't have the budget to either have an IT department or contract someone else to look after their computers on a regular basis, instead bringing in a third party when things go wrong.

27
0
Bronze badge

Re: It didn't happen to me

"Your "I'm alright Jack, so everyone else should be too, unless they're stupid" attitude is fundamentally flawed."

I see your point in some cases. In those cases I think that automatic updates are a great solution. The compromise will be that occasionally there is down time. But there is an option to delay reboots in pretty much any Windows update.

1
16
Silver badge

Re: It didn't happen to me

You don't. You have proper update systems in place to stop it happening. I am in an office with 18 Windows and 2 Apple PCs and this doesn't happen here.

Yet if you take the PCs home and they decide to phone home to Windows Update...

7
0
Silver badge

Re: It didn't happen to me

The issue here isn't Windows but the IT department behind that persons company,

No, the issue is that most small businesses have NO IT dept and never will. There is no budget for it. Not even the once a month visiting tech.

These size businesses make up the larger part of the everyday business world and they are NOT tech savvy.

16
0
Vic
Silver badge

Re: It didn't happen to me

the issue is that most small businesses have NO IT dept and never will. There is no budget for it. Not even the once a month visiting tech.

All other things aside, this attitude needs to change. PCs are, generally speaking, a necessary tool for the business. Not having someone look after them is like a delivery company deciding not to look after their vans; sooner or later, those essential tools will fail to work for the business (and may actively work against it).

Businesses can find budget to service their vehicles. They can find budget to clean their offices. They can find budget to have accountants sort their tax paperwork. They need to understand that servicing their computers is just as important as any of these other items.

Vic.

3
5
Anonymous Coward

Re: It didn't happen to me

"These size businesses make up the larger part of the everyday business world and they are NOT tech savvy."

OK. So now might seem like a good time to

(a) start thinking about what budget they can afford, if IT matters to the business

(b) start looking at affordable locally supported alternatives to Microsoft

2
1

Re: It didn't happen to me

Wow you have restored sanity there are some people who really understand business IT I was beginning to think logic had gone from this forum

0
2
Anonymous Coward

Re: It didn't happen to me

"Businesses can find budget to service their vehicles. They can find budget to clean their offices. They can find budget to have accountants sort their tax paperwork. They need to understand that servicing their computers is just as important as any of these other items."

We're talking businesses small enough that (a) there are no company vehicles (a prerequisite for a position there is owning a car), (b) cleaning is self-done on an "as needed" basis since clients never see the innards, (c) the owner is the one who does all the money matters and therefore files the tax paperwork, and (d) the margins for many of these businesses are razor-thin. They can't get the business any more stable in today's cutthroat world; sure, one mistake and you're dead, but the alternative is to be dead already. Sorry, but c'est la vie. If people have to play tight to live, they'll play it as tight as they have to, even if that means a business of one.

2
1
Vic
Silver badge

Re: It didn't happen to me

They need to understand that servicing their computers is just as important as any of these other items.

OK, here's a question for all you downvoters:

Why do you believe that companies shouldn't look after the tools on which they rely?

Vic.

0
0

We've no idea what that means, so have asked Microsoft

I'll save you the bother. It means they are a bunch of c***s.

As has already been said, I'm not sure what they think this will achieve - those of us who have blocked W10 by switching to manual updates or other means are unlikely to be using IE, so will never see this.

24
0
Anonymous Coward

"Windows 10 is growing nicely,"

Just like a cancer, to paraphrase Steve Ballmer.

24
1
Coat

Edge case

Am I right in thinking some crap old laboratory instrument software, that hasn't been patched since day 0; That none-the-less is vital to business function will be bolloxed once M$ get their way and insert 10 up my exhaust pipe? If anyone at M$ reads this drivel, take note that VM/containerized windows 7 images from a linux host are looking very appealing at the moment. I find it strange there hasn't been a lot of noise from business communities about the data security of windows 10.

22
2

This post has been deleted by a moderator

noise from business communities about the data security of windows 10...

Businesses are mostly going to be using Enterprise SKUs and controlling telemetry via group policies. The Win10 "privacy nightmare" is almost entirely about the Home SKU left with its default settings and no organisation with a competent sysadmin is going to allow that to happen either now or at any time since MS-DOS.

2
11

Re: noise from business communities about the data security of windows 10...

That is quite funny, if you think that MS turn off all telemetry for Enterprise, do you really think the WUS doesn't communicate with MS, how does it download any updates for the business then ?

What does it send to MS, since it is encrypted, I doubt anyone would know except MS of course !

How much data does it send, how often does it sent it and what exactly is it sending and are you sure that it is only requesting the latest security patches or updates or is it also sending other information, maybe stats of what networked device's are connected to it, maybe other information too !

Of course this would be Commercial suicide if it were caught, but since it's communication is encrypted then how would you know ?

But MS would never do this would they or maybe they would ?

18
0

Re: noise from business communities about the data security of windows 10...

You thought I was concerned about big business, I was referring to the large number of SME's that have little if any IT support staff, and usually piloted by a bonafide IT illiterate. They may not make redmond rich individually, but they are significant in the great scheme. Probably more so when you consider there reduced ability to haggle.

13
0

I was referring to the large number of SME's

Kevin's Bargain Garage Door Emporium probably doesn't give an aardvark's left gonad if the OS uploads the entire contents of the hard drive to Redmond. If they're ever talked in Office 365 or OneDrive or Azure then the entire selling point is uploading everything to Redmond.

1
8
Silver badge

Re: noise from business communities about the data security of windows 10...

> maybe other information too !

It is very likely to include software usage data so that 'audits' are automated and the 'software assurance' invoice is updated immediately (and permanently) every time each computer accesses something they weren't already licensed to do so.

5
0
Anonymous Coward

Re: Edge case

Any business that does not keep there systems patched up are playing with fire as for windows 10 we shall be rolling out to 2000 pcs later this year, not a problem

0
2
Silver badge

Re: Edge case

" If anyone at M$ reads this drivel, take note that VM/containerized windows 7 images from a linux host are looking very appealing at the moment."

If it's very expensive custom hardware using customized drivers, you'll find that virtualizing isn't an option because that kind of hardware can't be virtualized. Remember the time someone mentioned a six-figure computer-controlled lathe that ran XP because it was the last Microsoft OS that had drivers for the ISA bus that ran the installed custom controller board that couldn't be updated because it was part and parcel with the machine?

2
1
Anonymous Coward

Reverse class action lawsuit

That is all.

Who is with me?

3
1
Silver badge

Re: Reverse class action lawsuit

Sorry ?

You mean for Microsoft to sue all its customers ?

Nope, I'm not really with you on that one.

16
0
Silver badge

Brainstorming

There's a bunch of people in a conference room right now in Redmond plotting which increments to make this worse. Don't even think this is all of it by half. It isn't.

19
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017