Category Archives: Patches and updates

Dear Microsoft: stop screwing with my computer

At one point, not many years ago, we had control over our own Windows computers. Microsoft has ripped that control from us gradually, and with Windows 11, not only does Microsoft decide which patches your computer needs, it also decides when to install them, and when to restart your computer to complete them.

Sure, there are ways to regain some control. Updates can be delayed, and restarts can be scheduled. But that’s only if you’re running the more expensive versions of Windows.

Various update-induced nightmares

Power settings reverted

I’ve never seen a satisfying explanation for why this keeps happening on computers I manage.

I suppose it’s possible that Microsoft is trying to be a good citizen, and tell the billions of Windows computers it effectively manages to go to sleep when they are no being actively used.

Sure, that saves power. And sure, most of the time a sleeping computer is just slightly annoying to its user. But the Windows sleep feature isn’t exactly reliable. Most power users leave it permanently disabled because it just causes too many problems.

It’s also a huge problem for computers that are mainly used remotely. When a remote Windows PC goes to sleep, it becomes impossible to access remotely. Someone has to go to the computer physically and hit the keyboard to wake it up.

Sure, there’s technology to get around this, such as Wake-On-LAN. But I have yet to see WOL work reliably on any Windows computer where I’ve tried it.

Incidentally, this exact scenario recently happened to me (again), and there was no way to access the remote PC until the business reopened two days after I needed remote access.

Default apps revert to Windows defaults

This has happened on Windows computers I manage more times than I can remember. There’s no pattern to it. I would almost prefer if this happened after every update, because then I would know that I always have to reset them.

It’s no coincidence, I’m sure, that the defaults involve setting up Microsoft apps to open everything. Nothing to do with the fact that a lot of those defaults involve opening files in Edge, and the fact that Edge is basically hated by everyone and used very little, at least intentionally.

Worse still, Microsoft has made it increasingly difficult to change these settings. The latest user interface is awful. And it’s now effectively impossible for an application to make itself the default for specific file types. Apps typically now have a message apologizing for not being able to make those changes, and telling the user that they have no choice but to use the crappy Windows interface.

Resetting all the default apps on my Windows 11 computer takes about an hour. I’ve spent a lot of time testing applications, and have settled on a collection that works very well for me. Very few of them are Microsoft apps. I have to keep notes about it, because I can’t remember all of the details.

Updates and reboots interrupt critical processes

You’ve probably heard the stories about people giving important presentations, only to be interrupted by updates and reboots. It’s even happened to Microsoft executives.

Microsoft has tried to improve this, offering to only install updates and reboot after hours, but those settings are far too limited.

Updates are not properly tested

Those other problems are annoying and problematic, but they pale in comparison with those times when Microsoft’s Windows update ineptitude has caused major outages around the world. There have been estimates about how much these problems have actually cost in terms of lost productivity, and the numbers are significant.

Of course, every time this happens, Microsoft says it was impossible to predict, and that it will never happen again. Here’s a suggestion, Microsoft: try testing updates properly before foisting them on millions of innocents users.

Conclusion

So hey, Microsoft. Kindly fuck all the way off with this bullshit. Linux looks better all the time.

Microsoft update adventures

Yesterday I fired up my media PC, booting to Windows 10, to watch some episodic visual media (you know, TV shows) that we refer to as ‘comfort food’ around here.

Imagine my surprise when instead I saw a series of weird dialog boxes pop up on the screen, many of which were blank. Was it some kind of malware? Nope, it was Microsoft Copilot, trying to install itself and going berserk.

I tried following the prompts I was able to see, but those just led to more dialogs, including prompts for a PIN code that I don’t normally use when logging in. On that computer, I had previously given in to Microsoft’s increasingly strident demands that I use a Microsoft account to log in. So the PIN prompt was confusing.

I wish I had taken video of the whole thing. It was both comical and horrifying. My roommate looked on while I tried in vain to close blank dialogs that kept recreating themselves.

Eventually I recognized the Copilot logo on the taskbar for some of these dialogs, and caught enough of one briefly-flashed message to realize that this was Copilot, apparently attempting to install itself.

. . .

Windows 10 marked a major change in the way Microsoft updates the operating system: basically, updates are pushed to your computer whether you want them or not. You can delay them, sort of, but you can never stop them completely.

I have serious misgivings about that, but also about Microsoft’s decision to push Copilot to PCs running a version of Windows that won’t even be supported in a few months. Windows 10 support will end in October of 2025.

. . .

Anyway, once I realized that the barf being spewed in my face by Microsoft was related to Copilot, something in which I have zero interest, I started killing tasks. The ensuing game of whac-a-mole went on for a few minutes before I finally won, and the insane dialogs stopped appearing.

I then proceeded to remove Copilot-related garbage from the Startups list, which I later confirmed did in fact stop this mess from occurring again at the next startup.

That was half an hour of my life that I will never get back. Thanks, Microsoft!

Luckily, I was only booting to Windows on my media PC temporarily, while working on a minor problem with Linux Mint on the same PC. I’ve now gone back to using Linux Mint, and I really hope I never have to boot to Windows 10 again.

. . .

Ever since Microsoft throttled back their own update testing, instead relying on problem reports from canaries (literally how Microsoft refers to people who opt in to receive Windows updates early), the number of problems resulting from updates has increased sharply (full disclosure: I only have anecdotal evidence of this).

Here’s another example of Microsoft update fun: a couple of weeks ago, Outlook stopped working on all PCs at a client’s location. After a lot of troubleshooting, it eventually became clear that a recent Microsoft update had hosed Office. The Office ‘repair’ function fixed most of the PCs, but on one, Office had to be reinstalled completely. Frustrating, annoying, and totally unnecessary.

Come on, Microsoft. You used to be just kind of shitty. Now it seems like you actively hate your users.

Microsoft still has trouble remembering not all users are the same

Until June 30, Microsoft had planned to disable Visual Basic for Applications (VBA) scripts in Office applications. VBA is the programming language built into all Office applications.

The change rolled out to beta testers in June. Whereupon Microsoft was apparently deluged with feedback from businesses whose many custom scripts suddenly stopped working.

Microsoft’s about-face was abrupt: on June 30, Microsoft announced that the change would not be rolled out to the general public in June as planned.

Previously, Office applications only popped up warnings about running potentially non-secure scripts, and allowed the user to run them anyway. That override was removed in the version that was being tested.

Incidentally, that earlier change was generally viewed as a good thing by security folks, because it’s well known that malicious scripts in Office documents are an effective vector for malware, phishing, and other nasty stuff.

But business and education users often use extensive custom VBS scripts to manage their work, and suddenly disabling all those scripts was going to be a huge problem for those people.

Once again, Microsoft seems to have completely forgotten that a lot of people use Office applications for their work; that those scripts are often poorly maintained; and that while it may make sense to force ordinary users to stop using VBA, the effect on business users would be much more dramatic.

Microsoft says that they are reveiwing the situation. How about giving these changes some thought before foisting them on us?

The Verge has more.

Update 2022Jul29: Microsoft is once again rolling out this change, with some tweaks to the wording of associated warnings, and a few critical tweaks that make it easier to work around for system administrators.

Microsoft updates still breaking things

Is it just me, or is Microsoft actually getting worse at this? It seems that every month there are more horror stories about problems caused by MS software updates. Given that Microsoft is still pushing hard for all Windows updates to happen automatically, this is very troubling.

In the latest instance, updates pushed out for January’s Patch Tuesday caused some Windows servers to reboot continuously. For server admins, this is a nightmare scenario.

One could argue that since the problem only affected a specific subset of Windows servers, this was less serious than something that affects all Windows 10 users. But affected servers were potentially used by hundreds or even thousands of people, which amplifies the scope of the problem.

Microsoft’s approach to testing changed with the release of Windows 10, and they now rely on reports from regular users who have opted in to pre-release versions of Windows. It’s clear that this kind of testing is much less useful than proper, methodical testing. Whether Microsoft will eventually go back to proper testing remains unclear. Meanwhile, we all suffer. And wonder whether the next Patch Tuesday is going to be a day of disaster.

Ars Technica and The Verge have more.

Patch Tuesday for December 2021

Time for another thrilling game of I Hope These Critical Security Updates Don’t Break Anything On My Computer with your permanent host, Microsoft.

This month’s edition includes approximately thirty-seven updates, with fixes for eighty-eight vulnerabilities, in Office, Defender, Edge, SharePoint, Visual Studio, Visual Studio Code, and Windows.

The challenge of counting the number of updates and vulnerabilities each month isn’t getting any easier, as some Microsoft applications (especially Edge) now update themselves outside of the monthly cycle. The source of both information and confusion about Microsoft updates is the Security Update Guide.

Microsoft isn’t showing any signs of giving up their ultimate power over your PC, and will continue to install updates pretty much at their whim, for the foreseeable future. Those of us still running Windows versions that are unsupported (7, XP), and soon-to-be-unsupported (8.x) are starting to seem like the last holdouts in a battle that’s already lost. The battle for control over our own computers.

Or maybe that’s just hyperbole.

Regardless of the status of automatic updates on your version of Windows, at this time of the month it’s a good idea to head over to the Windows Control Panel (or Settings), find Windows Update, and check for new updates.

Patch Tuesday for November 2021

To paraphrase butcher Oscar Wilde: the only thing worse than having to install security updates every month is having no security updates at all. If you’re not getting a steady supply of security updates, your software is probably no longer being developed or supported. If you’re just choosing not to install the available updates, you’re asking for trouble. Either is bad, but at least you can do something about the latter.

It’s my duty to inform you that — at least by my count — Microsoft has made available this day approximately twenty-nine updates for Windows, Office, Edge, Visual Studio, Exchange Server, SharePoint, Visual Studio Code, and Windows Server. A total of fifty-five vulnerabilities are fixed by the updates.

The source of this information is Microsoft’s Security Update Guide (SUG). It’s a sluggish and weirdly complicated system to navigate, but does seem to contain the necessary information.

As usual, this month’s collection includes updates for Windows 7, but those updates remain tantalizingly out of reach for most Windows 7 users, because obtaining them involves entering into a special agreement with Microsoft that’s way too expensive for regular folks.

Windows 10 systems get the updates automatically, and Windows 8.1 users — if automatic updates are disabled — should navigate to the Windows Control Panel and Windows Update to install them.

Java 8 update 311

Oracle just released its quarterly Critical Patch Update Advisory for October 2021.

As usual, there’s a section in the advisory for Java. The details show that previous versions of Java, including Java 8 Update 301, have fifteen known security vulnerabilities.

Java: What is it and why do I need it?

There’s a new version of Java that addresses the vulnerabilities in version 8u301: Java 8 Update 311.

If Java is installed on your computer, it’s a good idea to keep it up to date. If you’re not sure whether Java is installed, go to the Windows Control Panel and look for a Java entry. If it’s not there, great! You don’t use (or apparently need) Java.

Otherwise, click the Java Control Panel entry and go to the Update tab. Click the Update Now button to start the update process.

Patch Tuesday for October 2021

Like clockwork, Microsoft has once again provided us with a month’s worth of new security updates.

According to Microsoft’s Security Update Guide, this month there are patches for one hundred and seven vulnerabilties, in Office (2013, 2016, and 2019), Edge, Exchange Server, SharePoint, Visual Studio, System Center, Windows (7, 8.1, 10, and 11) and Windows Server.

As usual, Microsoft is taunting Windows 7 users with updates for that O/S, because most of us regular folks can’t afford them.

Windows 8.1 users — of which I’m one of the very few remaining — can either enable automatic updates, or navigate the Start menu to Windows Update to install available updates manually.

Windows 10 users can still delay updates, though just how long a delay is allowed depends on the flavour of Windows 10 you’re running. Windows 10 Home doesn’t give you much to work with in that respect.

Since Windows 11 isn’t even officially released yet, it’s difficult to predict exactly how updates will be handled for that O/S. However, it’s a safe bet that updates will be shoved down our throats as they are with Windows 10.

Patch Tuesday for September 2021

Summer is winding down, young folks are risking their health going back to school, and anti-vaccination cretins are revealing to the world how incredibly stupid they are by protesting at hospitals.

The good news is that you can easily distract yourself from the bad news for a few minutes by doing something straightforward and comfortable. I’m referring, of course, to installing Microsoft updates on your Windows computers.

If you’re looking for detailed information about the updates being made available by Microsoft today, the best place to start is the official source: the Security Update Guide (SUG). I’m not saying you’ll find it easy to navigate (you likely won’t). But it is the official source.

For those of you not inclined to risk a migraine by looking at the SUG, I’ve done my usual analysis of this month’s offerings, based on data downloaded from the SUG and viewed in a spreadsheet application (any one will do).

This month’s patches address a total of ninety-three security vulnerabilities, in Office, Edge, SharePoint, Visual Studio, Visual Studio Code, Windows Server, Windows 10, Windows 7, and Windows 8.1.

The Windows 7 patches are not available to regular folks, and can only be obtained (legally) by paying Microsoft a large amount of money. Windows 7 users are encouraged to upgrade to, well, I guess Windows 10, which is currently somewhat less terrible than it was when it was released.

Windows 8.1 users — the few of us who remain — have the luxury of deciding whether and when to install updates via Windows Update.

Windows 10 users can only delay updates, and then only if you’re running the Pro (not Home) version.

Patch Tuesday for August 2021

It’s another Patch Tuesday, which these days matters less and less, given that software makers are increasingly forcing updates onto us.

There are still plenty of people running Windows 7 and Windows 8.x: almost 20%, with Windows 10 taking the rest, at close to 80%. That’s according to Statcounter.

Sadly for Windows 7 users, official patches for that O/S are few and far between, with Microsoft only releasing Windows 7 updates to the general public when the vulnerability being addressed is particularly nasty.

That leaves Windows 8.1, for which we continue to receive updates, and for which the process has not changed much since the O/S was introduced in 2013.

The updates

This month, Microsoft is making available updates that address a total of eighty-seven security vulnerabilities in .NET, Office, Edge, SharePoint, Visual Studio, and Windows. That count is based on my interpretation of the official Security Update Guide, and it may differ from totals provided by others, because counting these things is not as simple as it sounds.

If you’re running Windows 10, hold onto your britches as Microsoft installs the new updates remotely on your computer, and hopefully doesn’t break anything this time.

Windows 8.1 users can either enable automatic updates, or head to the Control Panel and fire up Windows Update.

Windows 7 and XP users are basically out of luck. If you are using those systems, I strongly recommend that you don’t also use them for email or web browsing.