Windows 10 shattered Remote Desktop's security defaults – so get patching

Microsoft has issued its January batch of security updates – including what will be the final round of patches for many versions of Internet Explorer. The first Patch Tuesday monthly security release of the year includes fixes for 25 CVE-listed flaws in Windows, Internet Explorer, Edge, and Office. Among the patched bugs are …

  1. Anonymous Coward
    Anonymous Coward

    Zombie patch to enable W10 upgrade?

    KB29522664 has re-appeared as a pre-ticked "important" patch. IIRC this has been killed and hidden several times already?

    1. ZSn

      Re: Zombie patch to enable W10 upgrade?

      I have uninstalled and hidden that one several times. It nearly got me again this time. It seems to keep getting through. What next, Microport coming around and threatening to kill your family if you don't update to Windows 10?

      1. agatum
        Trollface

        Re: Zombie patch to enable W10 upgrade?

        > Microport coming around and threatening to kill your family if you don't update to Windows 10?

        Yesterday evening my doorbell rang but I did not dare to open.

    2. Mark 85

      Re: Zombie patch to enable W10 upgrade?

      I think this is the old "hammer them until they give in" game MS is playing. Either we'll forget to check for it, they'll wear us down to the point we let it install, or they'll figure out a way to force them to install.

      I'm beginning to think that the wrong company has been labeled "the Borg"....

    3. joed

      Re: Zombie patch to enable W10 upgrade?

      On my system all previously hidden updates showed up ready to wreak havoc. Soon I'll know them by name (though going by release date proved fine as none showed current date, this made the job easier).

      I don't recall clearing cookies (IE is "uninstalled" from the system some time ago) so FU MS.

    4. Anonymous Coward
      Anonymous Coward

      Re: Zombie patch to enable W10 upgrade?

      well, you didn't expect them to give up, just like that? If anything, they'll step "it" up in the coming months, to drag in as many users across the world as possible.

    5. Captain Badmouth
      Big Brother

      Re: Zombie patch to enable W10 upgrade?

      Isn't that KB2952664? I just checked and it's sneaked back onto my win7 machine.

      Bast*rds.

      1. Anonymous Coward
        Anonymous Coward

        Re: Zombie patch to enable W10 upgrade?

        On my other W7 PC KB3035583 (W10 upgrade app) has also been reinstated by Windows Update as pre-ticked "important" - even though it has been removed and hidden several times.

  2. mr.K

    Slow

    And checking for updates now takes forever.

    I don't have time for this, I have sleep and work to do.

    1. AMBxx Silver badge
      Boffin

      Re: Slow

      It's strange - Windows 7 is taking an age. Windows 2012 R2 is fine. Windows 10 good too.

      At least on my PCs.

      1. Anonymous Coward
        Anonymous Coward

        Re: Slow

        Same here, the last half dozen reinstalls (w10>7) or just fresh 7 installs have taken *hours* to check for updates. I was beginning to wonder if adding the disable gwx registry key straight after the install but before updating was causing problems but it appears not...

        It's now taking days to rebuild a laptop to ensure it is fully up to date..

        OI, MS, My time is MY money, you are not going to coerce me into windows 10, not now, not ever. Accept it and let us Win7 diehards just fucking crack on will you...

        1. Paul Crawford Silver badge

          Re: Slow

          I noticed that when trying to update a W7 VM a week or so ago, even an hour or two later - no patches apparently downloaded. Gave up and shut the VM down as I only needed it due to the incompetence of VMware management where they need flash 11.5.+ but Adobe only offer 11.2.+ now for Linux.

          WTF #1 needing flash for anything

          WTF #2 not using a version that is available on most server-room platforms

          WTF #3 was added in 11.2 -> 11.5 that mattered?

          1. AMBxx Silver badge
            Thumb Down

            Re: Slow

            Adobe flash on a server? No thanks.

            Incidentally, the problem is caused by IE having built in Flash, so the default adobe installer won't work. You need to download the full admin install (or whatever they call it).

          2. Anonymous Coward
            Terminator

            Re: Slow

            "I only needed it due to the incompetence of VMware management where they need flash 11.5.+ but Adobe only offer 11.2.+ now for Linux."

            WTF #1 needing flash for anything

            WTF #2 not using a version that is available on most server-room platforms

            WTF #3 was added in 11.2 -> 11.5 that mattered?

            A. Linux incompatibility.

            You should be considering this through the perspective of Gates' Razorwire: If it looks like unnecessary/arbitrary incompatibility, hands the Microsoft Corporation Inc. an unwarranted advantage in one of their key strategic battlegrounds and can reasonably be explained by conspiracy, it's another conspiracy.

        2. TheProf

          Re: Slow

          Slipstream!

          http://www.pcworld.com/article/239634/how_to_speed_up_windows_7_installs_with_slipstreaming_and_usb.html

    2. mr.K

      Re: Slow

      Update: So the checking of the updates finally ended last night and I selected some and deselected others and hit install and went to bed while my computer and MS did their thing. Usually they play nice with each other, but last night MS probably did something nasty so my computer did a hard reset (pulled up its panties and went to the bathroom) in middle of the install (mid action, wink wink). I think that is the second time ever this box has actually crashed like that, so kind of nerve-wracking. Turn it off and go to sleep.

      Tried again this morning and did half of the updates to see if that worked.

      Tried to do the other half in the evening after work and now my computer doesn't even want to reach out to windows update and shake hands. Error code 0x80244019.

      Managed to find some MS tool that eventually fixed it, but I am kind of nervous of what that tool actually did to my computer.

      Is it supposed to be this hard? My computer and Microsoft have gone steady for years, but now Microsoft has changed and I am not sure they should be together any more. It feels like Microsoft want to brainwash her.

  3. channel extended

    Adobe default is...

    The default task for Adobe is to patch. I really don't like sites that insist on downloading a video I didn't want and to add insult, auto-playing. It seems that most of these boobs use Adobe for their vid's. So an article that tells me to patch things like Adobe is really aimed at people with less than 100 IQ. Or those addicted to randomly clicking on web sites.

    As time goes on I am increasingly fed up with the stupid people who get pawned.

    1. Palpy

      Re: "Stupid people who get pwned..."

      Yes, well, I got that once (mildly, semi-pwned I guess) by downloading Paint.net from the first hit on the search page. Took a few minutes to eradicate the evil.

      It's getting harder not to get pwned. The exploits are getting smarter, drive-bys more common, and if you're seeing Flash ads then you aren't blocking Flash -- not smart.

      Speaking of stupid people, though -- are you running a secure OS? Ubuntu with Firefox in Firejail? Qubes using a locked-down VM? Whonix?

      Not to be an ass about it, but it pays to move your fruit higher on the tree. Low-hanging stuff gets picked.

      1. kryptylomese

        Re: "Stupid people who get pwned..."

        Fixed that for you! - "It's getting harder not to get pwned on Windows which stupid people are still using"

      2. werdsmith Silver badge

        Re: "Stupid people who get pwned..."

        Speaking of stupid people, though -- are you running a secure OS?

        Has somebody managed to create a secure OS? When did that happen?

    2. phuzz Silver badge
      Meh

      Re: Adobe default is...

      An IQ of 100 is the average IQ of a population, so there's 50% of the population below 100...

      (it's more complicated than that because IQ tests are calibrated against necessarily limited populations, but it's true in general.)

  4. Anonymous Coward
    Windows

    Go ahead

    Enjoy today's two-minute hate on MSFT

    1. joed

      Re: Go ahead

      I wish it was just 2

    2. Anonymous Coward
      Anonymous Coward

      Re: Go ahead

      I upvoted because anyone that says anything so remotely stupid must be being sarcastic therefore I applaud your humour.

    3. Dan 55 Silver badge

      Re: Go ahead

      Your post assumes that Windows is good enough so that users can go 1438 minutes without hating something about it. That's a very optimistic assumption.

  5. a_yank_lurker

    RDP with no login?

    Why would anyone allow an RDP connection without any log in credentials? To me, this seems like a serious security risk with any OS no matter the default configuration.

    1. Mark 85

      Re: RDP with no login?

      It does make you wonder why they set that as default.. but given the Win10 is being pushed, maybe there's a method to the madness.

      1. Anonymous Coward
        Anonymous Coward

        Re: RDP with no login?

        I interpreted the issue as the default setting present is not to allow logon from account without password, but that it didn't work.

    2. Anonymous Coward
      Anonymous Coward

      Re: RDP with no login?

      Government mandated backdoor...

    3. chivo243 Silver badge
      WTF?

      Re: RDP with no login?

      @a_yank_lurker

      Passwordless account?! WTF is that? Who in any state of mind creates a passwordless account on a network? I've seen this madness strike some home users, but on a production\work LAN?

      1. Dan 55 Silver badge

        Re: RDP with no login?

        Passwordless accounts on Windows are quite secure if the computer itself is secure, you shouldn't be able to log into them remotely. Until a little while ago of course.

        1. Loud Speaker

          Re: RDP with no login?

          Passwordless accounts on Windows are quite secure if the computer itself is secure

          Pigs can fly with suitably powered jet engines.

    4. Thomas Kenyon

      Re: RDP with no login?

      Isn't RDP with no password the default configuration for Virtualboxes vrdp?

      1. Hans 1

        Re: RDP with no login?

        @Thomas Kenyon

        >Isn't RDP with no password the default configuration for Virtualboxes vrdp?

        Are you nuts ?

        https://www.virtualbox.org/manual/ch07.html

        Or, for those who don't bother reading doc:

        For each virtual machine that is remotely accessible via RDP, you can individually determine if and how client connections are authenticated. For this, use VBoxManage modifyvm command with the --vrdeauthtype option; see Section 8.8, “VBoxManage modifyvm” for a general introduction. Three methods of authentication are available:

        The "null" method means that there is no authentication at all; any client can connect to the VRDP server and thus the virtual machine. This is, of course, very insecure and only to be recommended for private networks.

        The "external" method provides external authentication through a special authentication library. VirtualBox ships with two such authentication libraries:

        The default authentication library, VBoxAuth, authenticates against user credentials of the hosts. Depending on the host platform, this means:

        On Linux hosts, VBoxAuth.so authenticates users against the host's PAM system.

        On Windows hosts, VBoxAuth.dll authenticates users against the host's WinLogon system.

        On Mac OS X hosts, VBoxAuth.dylib authenticates users against the host's directory service.

        In other words, the "external" method per default performs authentication with the user accounts that exist on the host system. Any user with valid authentication credentials is accepted, i.e. the username does not have to correspond to the user running the VM.
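An audit for the "null" method quoted above, added here as an example and not part of the original post or the VirtualBox manual: it flags VMs whose VRDE server is on with no authentication. It assumes VBoxManage is on the PATH and that `showvminfo --machinereadable` reports the settings as `vrde="..."` and `vrdeauthtype="..."` lines; the VM names and sample output are constructed.

```powershell
# Added example: find VMs with VRDE enabled and --vrdeauthtype null.
# Default run uses the constructed sample below; -Live queries VBoxManage.
param([switch]$Live)

function Get-VrdeSetting {
    param([string[]]$InfoLines)
    # Assumed line format: key="value", one setting per line.
    $setting = @{ vrde = 'off'; vrdeauthtype = '' }
    foreach ($line in $InfoLines) {
        if ($line -match '^(vrde|vrdeauthtype)="([^"]*)"') {
            $setting[$Matches[1]] = $Matches[2]
        }
    }
    $setting
}

function Test-VrdeUnauthenticated {
    param([hashtable]$Setting)
    ($Setting['vrde'] -eq 'on') -and ($Setting['vrdeauthtype'] -eq 'null')
}

# Constructed sample output for three hypothetical VMs.
$sampleVms = @{
    'build-agent' = @('name="build-agent"', 'vrde="on"', 'vrdeauthtype="null"')
    'db-test'     = @('name="db-test"', 'vrde="on"', 'vrdeauthtype="external"')
    'scratch'     = @('name="scratch"', 'vrde="off"')
}

$vms = $sampleVms
if ($Live) {
    $vms = @{}
    foreach ($line in (& VBoxManage list vms)) {
        # "list vms" prints: "name" {uuid}
        if ($line -match '^"(.*)"\s+\{([0-9a-fA-F-]+)\}\s*$') {
            $name = $Matches[1]
            $uuid = $Matches[2]
            $vms[$name] = @(& VBoxManage showvminfo $uuid --machinereadable)
        }
    }
}

foreach ($name in ($vms.Keys | Sort-Object)) {
    $setting = Get-VrdeSetting -InfoLines $vms[$name]
    if (Test-VrdeUnauthenticated -Setting $setting) {
        'EXPOSED  {0}: VRDE on, authtype null' -f $name
        '         fix: VBoxManage modifyvm "{0}" --vrdeauthtype external' -f $name
    } else {
        'ok       {0}: vrde={1} authtype={2}' -f $name, $setting['vrde'], $setting['vrdeauthtype']
    }
}
```

On the sample data only build-agent is reported as exposed; db-test uses "external" and scratch has VRDE off.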

  6. Anonymous Coward
    Anonymous Coward

    Perfect example of why CVE counting is stupid

    Note how some patches list some CVE reported flaws and others have flaws just as serious if not worse that are not CVE reported, meaning their count of security problems is understated if you count CVEs.

    1. Roo
      Windows

      Re: Perfect example of why CVE counting is stupid

      "Note how some patches list some CVE reported flaws and others have flaws just as serious if not worse that are not CVE reported, meaning their count of security problems is understated if you count CVEs."

      You will be very disappointed if you expect the resident MS shills to pay any attention to that fact and adjust their unsubstantiated, irrelevant and incorrect claims around CVE counts... :)

  7. JHC_97

    Well my lenovo U31 has been 'updated' last night; it's very secure now. Since reboot the only key press it acknowledges is F9 which turns the laptop screen on and off.

  8. graeme leggett Silver badge

    Best KB article in this update batch

    KB3114344 - update for OneNote 2013

    "Translates some functionalities in multiple languages for the accuracy of the meaning and to avoid duplicity"

    Not quite the Queen's English.

    1. werdsmith Silver badge

      Re: Best KB article in this update batch

      "Duplicity"

      Now there's an ambiguous word that MS would do well to avoid.

      1. graeme leggett Silver badge

        Re: Best KB article in this update batch

        I fear that word never has a positive alternative meaning.

        I'll just check with MS Word's built in thesaurus -

        deceit

        deception

        dishonesty

        disloyalty

        unfaithfulness

        treachery

        fraudulence

        betrayal

        and "honesty (antonym)"

        I'll take a guess someone was looking for opposite of faithful/accurate.

    2. Doctor Syntax Silver badge

      Re: Best KB article in this update batch

      '"Translates some functionalities in multiple languages for the accuracy of the meaning and to avoid duplicity"

      Not quite the Queen's English.'

      Maybe something was lost in translation.

  9. Captain Badmouth
    Big Brother

    KB2952664

    This really is a persistent bast*rd update. I uninstalled it this morning before checking for new updates (win7). I had various security updates for win7 and office, the above was not in the list. After updating and restarting it was back on the computer. FFS, whose fecking computer is it?

    (rhetorical question, you know the answer)

    1. Anonymous Coward
      Anonymous Coward

      Re: KB2952664

      See if KB 3035583 W10 upgrade App has also reappeared.

      1. Captain Badmouth
        Thumb Down

        Re: KB2952664

        "See if KB 3035583 W10 upgrade App has also reappeared."

        No it hasn't, but KB2952664 has. Does anyone know how to kill this sucker once and for all? It's obviously re-installing itself on re-boot. A zombie update.

        So, I removed the machine from the network, deleted KB2962664 and rebooted.

        Yes, it's still there.

  10. A Ghost
    Facepalm

    If someone had told you even 3 years ago...

    ... that the computer you had bought would stop working because the OS on it would be forcibly replaced, whether you liked it or not, they would not have believed you. Imagine it: 'Eh man, you know that OS that runs on your hardware, and works, man, well that OS will be replaced, and like, your hardware, won't work any more, man'.

    People would have been all Victor Meldrew.

    Sheer insanity. I know that example was a worst-case scenario. But microsoft doubling down and actually forcing end users to turn off windows updates, knowing full well all the security implications of that, I call malice. It's not just hardware that is getting messed with, it's software. I know of quite a few instances of audio software that stops working because microsoft openly disregards that market and doesn't care about compatibility.

    I've said it before, it's the small software developers I feel sorry for.

    The life cycle of XP was what? 10 years? Vista didn't really work, but Win7 was a success and that has to be the longest running successful OS from them apart from XP, so far. I'd say that has had a lifecycle from anything to a few years to maybe 5 tops. Win8 everyone said 'no thanks', and Win X people are just saying 'fuck off'.

    I don't see how this will end well for them. They have lost what little good will they had, forever.

  11. Captain Badmouth
    Big Brother

    win 10 nagware

    Further to my posts above, all the updates I had hidden I had to re-hide after the update session.

  12. Captain Badmouth
    Happy

    Powershell removal of KB2952664

    It appears there are multiple copies of this, to remove

    Run the following in powershell :

    To find all versions installed:

    dism /online /get-packages | findstr KB2952664

    ( the operation took a while on my computers with a blinking cursor for ages, but it gets there)

    To delete one version (6.1.13.3):

    dism /online /remove-package /PackageName:Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.3

    Edit the above command for different versions.

    This was on a microsoft help page, would you believe.

    I had 4 copies of 6.1.13.3 and one each of 6.1.6.1 , 6.1.7.4 and 6.1.8.2

    I restarted, and it's gone. :)

    But I'll check again tomorrow.

    FFS.

  13. Captain Badmouth

    If you're running 32 bit win7

    Edit the remove command as follows :

    dism /online /remove-package /PackageName:Package_for_KB2952664~31bf3856ad364e35~x86~~6.1.13.3
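The two posts above, combined into one script as an added example (not code from the thread or from Microsoft): it lists every installed package identity for a KB, whatever the version or architecture, and removes each one. The -Live and -Remove switches and the function name are hypothetical, and the sample dism output is constructed; the script sticks to PowerShell 2.0 syntax so it runs on a stock Windows 7.

```powershell
# Added example: enumerate and remove all installed copies of one KB.
# -Live and -Remove call dism /online, which needs an elevated prompt.
param(
    [string]$Kb = 'KB2952664',
    [switch]$Live,      # read packages from the running system
    [switch]$Remove     # remove what is found (implies -Live)
)

function Get-KbPackageIdentity {
    param([string[]]$DismOutput, [string]$Kb)
    # dism prints one "Package Identity : <name>" line per package.
    $pattern = '^\s*Package Identity\s*:\s*(Package_for_' +
               [regex]::Escape($Kb) + '~\S+)\s*$'
    foreach ($line in $DismOutput) {
        if ($line -match $pattern) { $Matches[1] }
    }
}

# Constructed sample of "dism /online /get-packages" output.
$sample = @(
    'Package Identity : Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.3',
    'State : Installed',
    'Package Identity : Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.8.2',
    'State : Installed',
    'Package Identity : Package_for_KB0000000~31bf3856ad364e35~amd64~~6.1.1.0',
    'State : Installed'
)

if ($Live -or $Remove) {
    $output = & dism.exe /online /get-packages
} else {
    $output = $sample
}

$ids = @(Get-KbPackageIdentity -DismOutput $output -Kb $Kb)
'Found {0} package(s) for {1}' -f $ids.Count, $Kb

foreach ($id in $ids) {
    if (-not $Remove) {
        'Would run: dism /online /remove-package /PackageName:{0} /norestart' -f $id
        continue
    }
    & dism.exe /online /remove-package "/PackageName:$id" /norestart | Out-Null
    switch ($LASTEXITCODE) {
        0       { 'Removed {0}' -f $id }
        3010    { 'Removed {0} (restart required)' -f $id }
        default { 'FAILED  {0} (dism exit code {1})' -f $id, $LASTEXITCODE }
    }
}
```

Run with no switches it reports the two KB2952664 entries in the sample and ignores the placeholder KB0000000; with -Live it performs the same dry run against the machine it runs on.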

  14. JJKing

    re Powershell removal of KB2952664

    Arrrrg, I be thanking ye Captain Badmouth, oops a tad early to be talking like that eh.

    I found SEVEN bloody Package Identity for this freaking KB and yet another one in the Update queue. So much for the KB article on how to "disable" the Windows 10 way of Microsoft's Borg version of choice.

    1. Captain Badmouth
      Devil

      Re: re Powershell removal of KB2952664

      Yep, there's me thinking it was a zombie inhabiting the bios or somesuch.

      What next, microshaft?

  15. Colin Wilson
    Flame

    Bricked networking ?

    I think this is related to KB3124263...

    My machine suddenly decided it didn't know how to use network protocols any more, and all attempts to fix it so far have failed. The machine hadn't been booted up for about a week, and decided to drop offline while I was in the middle of a game.

    Despite several reboots (in the vain hope it would correct itself), doing a roll-back to the backup it made that day, and checking the installed updates in the hope I could uninstall it (it's not listed, despite several entries saying it either installed successfully or latterly failed).

    I've tried a "fixit" util suggested on a Win10 forum without success, so the only options that appear to be available to me are to do a clean install (without being able to get the ISO because I have no net connection on my only hardware capable of snagging and burning it).

    I'm surprised no-one's mentioned it on here as it doesn't seem to be a one-off, there are mentions in lots of places :-(

    Any and all suggestions welcome, given that my options currently seem to be to "reinstall" but lose all my apps and data / images etc, (I don't have a list of my keys or install discs to hand for some of them) or see if it'll let me revert back to Win 7.

    1. Colin Wilson

      Re: Bricked networking ?

      By sheer chance I came across a youtube video that went through two stages of checking / fixing the connection, #1 was the "obvious" check the network cable was in (mine was, I was playing a game on it when it decided to hide under the bed and lose connection), and #2 was how to reset the networking with netsh etc...

      Of course, I knew #1 was OK because I was using it when it took itself offline, so went to #2, only to find that didn't work either.

      Back to the drawing board, and some more searches, and read a random one relating to the use of multiple routers, where Win 10 didn't want to play with one of the routers after the update.

      It didn't really apply to me, since I only have one router, and a 5 port switch linking a couple of printers - but for the sheer hell of it having read about sudden "lost" hardware compatibility, I bypassed the switch and took the main incoming network cable direct to the computer.

      It worked...

      What the merry f*ck is going on if a bog-standard Asus switch now breaks windows 10 - what's next ? - will plugging in a card reader cause downtime ?
