
SoylentNews is people

posted by janrinok on Thursday October 01 2015, @11:53PM
from the Ooops dept.

Don't panic: Microsoft Mistakenly Posted a 'Test' Windows Update Patch

Microsoft confirmed Wednesday that a suspicious-looking update pushed out to Windows machines globally in the early hours was nothing more than a test gone errant.

A spokesperson said that the company had "incorrectly published a test update" and is in the process of removing it.

It follows an hour or two of brewing concern on social media, forums, and news-sharing sites that the Windows Update service had been compromised in some way. The "important"-rated patch appeared on Wednesday as a supplemental language update, rather than a security fix. The patch was 4.3MB in size, according to a thread on Microsoft's support forums, and contained gibberish text for its name, description, and strange and inaccessible links in the "more information" and "help and support" part.

More than 17,200 people have viewed the thread so far, while others have taken to Twitter and message boards like Hacker News and Reddit to complain. The patch is thought to have been pushed through consumer machines running Windows 7. Enterprise users running Windows Server Update Services (WSUS) don't seem to be affected. In most cases, the patch failed to install. In one case, a user said after the successful installation, his laptop was "screwed," describing frequent crashes and that it "killed my system and compromised my gear."

It's not immediately clear what was inside the patch, or whether it modified any Windows files. In any case, the Windows Update system is a core and vital part of keeping computers around the world up-to-date. Shaking confidence in that system is going to have a lasting effect, especially in a day and age of almost daily hacks and ongoing government surveillance.

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

Nerves Rattled by Highly Suspicious Windows Update Delivered Worldwide [updated]

Microsoft said a highly suspicious Windows update that was delivered to customers around the world was the result of a test that wasn't correctly implemented.

"We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

The explanation came more than 12 hours after people around the world began receiving the software bulletin through the official Windows Update, raising widespread speculation that Microsoft's automatic patching mechanism was broken or, worse, had been compromised to attack end users. Fortunately, now that Microsoft has finally weighed in, that worst-case scenario can be ruled out. What follows is the remainder of this post as it appeared before the company issued its explanation.

This Web search, which queries the random-appearing string included in the payload, suggests that it's being delivered to people in multiple regions. The same unexplained and almost certainly unauthorized patch is being reported in a variety of online posts, including this one hosted by Microsoft. The updates appear to be coming directly from servers that are cryptographically certified to be part of Microsoft's Windows Update system.


  • (Score: 4, Insightful) by Nerdfest on Thursday October 01 2015, @11:58PM

    by Nerdfest (80) on Thursday October 01 2015, @11:58PM (#244248)

    I hope this gives everyone a warm fuzzy feeling about their competence.

    • (Score: 2) by Gaaark on Friday October 02 2015, @12:15AM

      by Gaaark (41) on Friday October 02 2015, @12:15AM (#244257) Journal

      That's what I was thinking... professionalism at its highest.

      WOW

      !!!

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 3, Insightful) by frojack on Friday October 02 2015, @12:24AM

      by frojack (1554) on Friday October 02 2015, @12:24AM (#244260) Journal

      It makes you want to double check and make sure you have your updates on a manual basis.

      This isn't the first time this has happened to Microsoft. One of these days they will release another fatal flaw to the world. (They have released devastating flaws in the past, but they were limited to a small audience).

      Sadly, that probably can't happen too soon, because the sooner Microsoft gets badly embarrassed the better for the whole ecosystem.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 3, Interesting) by Runaway1956 on Friday October 02 2015, @12:42AM

        by Runaway1956 (2926) on Friday October 02 2015, @12:42AM (#244265) Homepage Journal

        Windows XP, one of the service packs, I think it was SP2. Download, install, reboot - and if you had an Intel, you were 99.999% likely good to go. But, if you had an AMD CPU, the computer would go into an endless cycle of rebooting, with no way to interrupt it other than pulling the plug. If I remember correctly, it took a few days for them to "fix" that - but of course, I had already nuked from orbit. I do remember how pissed off the wife was, because she hadn't yet learned to keep copies of her more important stuff somewhere other than C:

        --
        There is a supply side shortage of pronouns. You will take whatever you are offered.
        • (Score: 3, Funny) by Gaaark on Friday October 02 2015, @01:11AM

          by Gaaark (41) on Friday October 02 2015, @01:11AM (#244273) Journal

          Ha... my wife says "linux sucks... you can't do anything with it". Then she got a virus (I kept telling her to get antivirus on it, but she kept saying 'not right now, I'm busy' so....)

          Now she uses my linux laptop to do her web surfing and printing cause hers keeps redirecting her to places she doesn't want to go (she rarely uses hers now... seems she can't do anything with it, lol).

          --
          --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
          • (Score: 2) by Runaway1956 on Friday October 02 2015, @02:03AM

            by Runaway1956 (2926) on Friday October 02 2015, @02:03AM (#244285) Homepage Journal

            My other half still runs Windows, but she actually built her own machine from parts, ordered from Newegg. And, she purchased the installation CD (or DVD). As mentioned already, she keeps her more important files on a D: so that she can nuke a screwed up installation, and reinstall. That solves so many problems, right there.

            MOST people get Windows preinstalled, and no installation media, so that OS problems lead to a useless hunk of scrap with which they can do little if anything.

            Always insist on installation media, if you must deal with Windows machines. Or at least do a disk image before putting the machine into service.

            --
            There is a supply side shortage of pronouns. You will take whatever you are offered.
            • (Score: 2, Informative) by Francis on Friday October 02 2015, @02:33AM

              by Francis (5544) on Friday October 02 2015, @02:33AM (#244293)

              I'm not so sure you really need installation media any more. Windows 7 and later have ISOs available from MS that you can use. As long as you have a valid key then you should be OK. I haven't bothered to check 8, but 7 and 10 both have them available.

              The OEM copies that they want you to use usually have all sorts of crapware on them. With 7, I usually download my updates with WSUS or slipstream. Greatly reduces the headaches involved with doing an update. But, lately, I don't do reinstalls anymore as my only Windows installation is in a VM.

              • (Score: 2) by Runaway1956 on Friday October 02 2015, @02:42AM

                by Runaway1956 (2926) on Friday October 02 2015, @02:42AM (#244298) Homepage Journal

                Apparently, I haven't kept up with Microsoft reinstalls. But, just as apparent, the less tech savvy don't know that they can download those ISOs. A couple weeks ago, I listened to one of my coworkers complaining about his infested computer. Even if I went back to advise him to download the ISO, he wouldn't have any idea what to do with it. Then, I'd probably feel obligated to help him sort things out, and I'd be doing tech support for him on the weekend.

                To be fair, he probably couldn't reinstall if I gave him the CD/DVD from which to do it.

                --
                There is a supply side shortage of pronouns. You will take whatever you are offered.
                • (Score: 3, Informative) by acharax on Friday October 02 2015, @09:01AM

                  by acharax (4264) on Friday October 02 2015, @09:01AM (#244335)

                  Those isos are MSDN exclusive again, they pulled them sometime between Windows 8 and the release of Windows 10, I guess when the former began tanking really hard (don't quote me on that). Of course, they are easy to find elsewhere online if you know the original file name and signature. They did put up some recovery media page, but almost nobody is eligible to obtain said recovery media from there if memory serves, so it may as well not exist at all.

                • (Score: 1) by Francis on Friday October 02 2015, @09:05AM

                  by Francis (5544) on Friday October 02 2015, @09:05AM (#244338)

                  I was surprised when the Lenovo tech told me about that. The whole situation was rather ridiculous. I created the disc that was supposed to be installation media. But, it turns out that you had to also do a backup of the laptop in order to actually use the installation media.

                  Fuck that.

                  Anyways, the disc image you get from MS is clean of all the crapware that the OEMs get paid to include, so in addition to wasting money buying something that you can get for free, you also get the added unpleasantness of crapware.

      • (Score: 3, Interesting) by TheGratefulNet on Friday October 02 2015, @12:54AM

        by TheGratefulNet (659) on Friday October 02 2015, @12:54AM (#244267)

        after ftdi-gate, I disabled MS updates.

        I'm NEVER going back. fuck that shit. you have lost my trust from now on, MS. I never liked you, but I did trust your updates. now, you have completely lost your mind, you have alienated your users and you've caused people like me to disable updates entirely; and for some, that creates more malware targets and sources and bots.

        I have a very old dvd install for windoze (yes, correct spelling, if you know what I mean) and I'll probably install that one at some point, disable updates and firewall the system so that it's local-only. if the dvd distro was created more than 6mos ago (it's more like a year old, now) then it predates any of this win7 backport bullshit and I'll know there are not any sneaky 'updates' bundled in.

        I use linux for my network-facing system anyway; but now I have to be very careful not to put win7 on any public network.

        I wonder if there's any way MS can dig themselves out of this mess? I can't see how. their win10 is not going to be like the older os's and the handwriting is on the wall. from now on, it's 'cloud based shit' for windows and that's just not something I wish to be part of. I don't expect MS will ever recover from this.

        --
        "It is now safe to switch off your computer."
      • (Score: 2) by bob_super on Friday October 02 2015, @06:58PM

        by bob_super (1357) on Friday October 02 2015, @06:58PM (#244598)

        > They have released devastating flaws in the past, but they were limited to a small audience)

        In market share maybe. But in absolute numbers, ME and Vista affected a large audience.

    • (Score: 3, Funny) by davester666 on Friday October 02 2015, @04:01AM

      by davester666 (155) on Friday October 02 2015, @04:01AM (#244304)

      I have never felt more confidence in Microsoft.

  • (Score: 3, Insightful) by KilroySmith on Friday October 02 2015, @12:17AM

    by KilroySmith (2113) on Friday October 02 2015, @12:17AM (#244258)

    Windows update is a critical service for a billion PCs in the world.

    The fact that a "test" update was able to hit the production servers shows a complete failure of their release system. They apparently don't have control over who is authorized to build, package, and roll updates out to those billion PCs. This means that rogue elements within Microsoft could create a malware tsunami of a magnitude we've never seen before - they could roll out an unauthorized Windows Update package to 10's or 100's of millions of PCs overnight.

    This is an inexcusable oversight on their part.

    • (Score: 3, Interesting) by TheGratefulNet on Friday October 02 2015, @12:57AM

      by TheGratefulNet (659) on Friday October 02 2015, @12:57AM (#244269)

      search about the big black eye MS got from pushing out the ftdi driver on behalf of that fucked-up company FTDI, in scotland.

      idiots thought that bricking our hardware (if using a fake chip; which is more than half of the chips out there and 98% of all ebay and amazon sourced ftdi chips) was a good way to 'educate us'.

      it became ftdi-gate, as it was known, and there was a huge thread on eevblog (and others) about this.

      that was the final straw for me. win10 was never of interest to me, but after ftdi-gate, I disabled win updates and removed many of the ones that were already installed.

      lesson learned. MS does not care anymore. they are acting like google; they have a fuck-you attitude and just could not care less about us. we are their pawns, in their eyes.

      I hate google and now, again (after so many years) I'm back to hating MS.

      thank god linux is out there; if not for linux, I'd basically have nothing. or maybe an old DECstation or something, lol.

      --
      "It is now safe to switch off your computer."
      • (Score: 1, Interesting) by Anonymous Coward on Friday October 02 2015, @07:05AM

        by Anonymous Coward on Friday October 02 2015, @07:05AM (#244323)

        A fake chip is one that looks like a chip, but doesn't actually contain the electronics.

        A competitor being compatible without permission is not a fake chip (Samba is not a fake server, and Libre Office is not a fake office suite). There may be a misused trademark involved, but the driver did not check for that - that would require opening the device, and seeing if the chip has FTDI's trademark. USB vendor IDs cannot be trademarked.

    • (Score: 0) by Anonymous Coward on Friday October 02 2015, @12:40PM

      by Anonymous Coward on Friday October 02 2015, @12:40PM (#244392)

      monocultures tend to do that https://en.wikipedia.org/wiki/Irish_potato_famine [wikipedia.org]

  • (Score: 0) by Anonymous Coward on Friday October 02 2015, @12:46AM

    by Anonymous Coward on Friday October 02 2015, @12:46AM (#244266)

    It was likely just a new employee, practising at preparing update packages. Someone mis-clicked--not hard to do in a GUI--and out it went.

    Patreon [soylentnews.org] had a test version of their site, hooked up to the Internet with their live data, and that led to a problem. Maybe Microsoft want to avoid that sort of problem, so they only have the one production server.

    Whatever the cause, the mistake was noticed quickly. With millions of users, this sort of error will be detected promptly when it happens again. As ZD Net says, not to worry.

    • (Score: 2) by Gaaark on Friday October 02 2015, @01:15AM

      by Gaaark (41) on Friday October 02 2015, @01:15AM (#244274) Journal

      I put the condom inside my wife before I put it on myself... (not hard to do 'cause they're gooey), and in it went. Whatever the cause, the mistake was noticed quickly.

      Alfred E. Neuman says, "What? Me Worry?"

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 2, Touché) by Anonymous Coward on Friday October 02 2015, @01:32AM

      by Anonymous Coward on Friday October 02 2015, @01:32AM (#244276)

      So you're saying it's possible for someone new to accidentally push out something that isn't supposed to be pushed out to billions of PCs - and with Windows 10, it's PCs that will be unable to refuse the update. So now hackers and criminals just need to find a way to get someone into microsoft willing to make that "mistake". :P I don't know about you, but that makes me rather uneasy.

      And even if what you say was the case, why the fuck would they arrange the gui in such a way that it's easy to make a simple misclick to throw potentially bricking updates onto the world.

      • (Score: 2) by Common Joe on Friday October 02 2015, @02:32AM

        by Common Joe (33) <common.joe.0101NO@SPAMgmail.com> on Friday October 02 2015, @02:32AM (#244292) Journal

        why the fuck would they arrange the gui in such a way that it's easy to make a simple misclick to throw potentially bricking updates onto the world

        These are the same people who put the close button next to the maximize and minimize button at the top of a window. They are also the same people who default the "yes" button when you hit the delete button in Windows Explorer.

        There's no telling what silliness they do internally, but based on what the summary is about, I'd say it's very possible.

        • (Score: 3, Insightful) by WizardFusion on Friday October 02 2015, @09:30AM

          by WizardFusion (498) on Friday October 02 2015, @09:30AM (#244345) Journal

          Don't forget the on issue about hiding file extensions in explorer by default.

    • (Score: 1, Touché) by Anonymous Coward on Friday October 02 2015, @07:11AM

      by Anonymous Coward on Friday October 02 2015, @07:11AM (#244324)

      It was likely just a new employee, practising at preparing update packages. Someone mis-clicked--not hard to do in a GUI--and out it went.

      But hard to do if your test environment is probably firewalled off from your production environment.

      Also hard to do if your user is in the QA group, but not the release group, as would be the case in any properly set up Active Directory.

      Don't tell me that Microsoft can afford neither a dedicated firewall, nor a person who knows how to set up Active Directory.

  • (Score: 3, Interesting) by Anonymous Coward on Friday October 02 2015, @02:26AM

    by Anonymous Coward on Friday October 02 2015, @02:26AM (#244290)

    I think that fretting over someone accidentally clicking "Publish to production Windows Update" on a test patch is very low in priority compared to these disasters that El Reg has covered in the past year:

    Probably the most egregious incident was KB2982791: http://www.theregister.co.uk/2014/08/17/remond_cries_uninstall_in_the_wake_of_blue_screens_of_death/ [theregister.co.uk] ...which was released in August 2014, and BSOD'd systems that had fonts installed in locations other than the Fonts directory. (Yes, this should be perfectly valid.) Oh, and this occurred the patch cycle after Microsoft executed a layoff round that targeted the team dedicated to testing Windows. (As we know now, Microsoft has crowdsourced its testing of Windows 10 to the public.)

    And there was also the fight in Windows 10 between Windows Update and the Nvidia GeForce Experience tool: http://www.theregister.co.uk/2015/07/28/windows_10_update_nvidia_driver_conflict/ [theregister.co.uk] . In this case, NVidia's updater was pushing the last known stable update, when Microsoft's update was newer, less stable, and constantly being forced onto Windows 10 systems. Also, Microsoft has decided to double down on their policy instated last year of not announcing the content of updates ahead of time: http://www.theregister.co.uk/2015/08/21/microsoft_will_explain_only_significant_windows_10_updates/ [theregister.co.uk]

    So between a BSOD'ing update, forcing install of unstable drivers, and failing to adequately explain the content of drivers being force-fed to all but corporate enterprise customers, this "test patch" is an insignificant joke inside the giant cesspool that is the Windows Update ecosystem.

    Windows users should panic. They are currently under the yoke of the worst update system in the market of the major consumer operating systems. It has become the operating system equivalent of Penny-Arcade's "Tribes 2 Patch Complete; Click OK to be kicked in the beanbag" meme: http://www.penny-arcade.com/comic/2001/06/18 [penny-arcade.com]

    • (Score: 2) by Bill Dimm on Friday October 02 2015, @03:21AM

      by Bill Dimm (940) on Friday October 02 2015, @03:21AM (#244300)

      Looks like you missed the KB3033929 reboot loop [krebsonsecurity.com] that seemed to impact systems set up to dual boot Linux (hit both of my computers).

  • (Score: 4, Insightful) by aristarchus on Friday October 02 2015, @04:05AM

    by aristarchus (2645) on Friday October 02 2015, @04:05AM (#244306) Journal

    Do we mean to say, that Windows has failed the "Hairyfeet Challenge"? Oh my, this will not end well.

  • (Score: 3, Insightful) by acharax on Friday October 02 2015, @05:33AM

    by acharax (4264) on Friday October 02 2015, @05:33AM (#244316)

    Sheer incompetence like this is just as bad as a full scale compromise and usually they go hand in hand anyway. Hell, this is Microsoft, the same people who shipped install disks preinfected with CIH many years ago out of similar neglect. What this event shows us is that there is no real oversight over what individual engineers (or should I say interns?) in charge of the update system do, there possibly isn't even as little as a second tier of staff confirming the inclusion of items in an update for something this blatant to get through. If you're a fool who moved to Windows 10 you should by all means panic because you're getting automatic and undocumented crapola downloaded onto your system, by a company that apparently doesn't even bother to audit what it is it's pushing out. Good times ahead.

    I kind of wish this were a compromise, at least that way we'd see some real backlash, but incompetence like this? The vast majority will take it for business as usual, there will be no incentive to improve the system in place or anything. Sure, the person responsible for this will get yelled at by a superior for a minute or two, but that's going to be the only tangible consequence from this debacle, don't kid yourselves.

    • (Score: 1, Flamebait) by jasassin on Saturday October 03 2015, @02:17AM

      by jasassin (3566) <jasassin@gmail.com> on Saturday October 03 2015, @02:17AM (#244747) Journal

      If you're a fool who moved to Windows 10 you should by all means panic

      I installed Windows 10. You're right. I'm panicking. I've never been so scared in all my life. Ohhhh the humanity! Fuck off.

      --
      jasassin@gmail.com Key fingerprint = 0644 173D 8EED AB73 C2A6 B363 8A70 579B B6A7 02CA
  • (Score: 1, Informative) by Anonymous Coward on Friday October 02 2015, @06:03AM

    by Anonymous Coward on Friday October 02 2015, @06:03AM (#244320)

    I thought we already had the worst case scenario confirmed by the Snowden leaks, Micro$oft is NSA's bitch.

    https://en.wikipedia.org/wiki/PRISM [wikipedia.org]

  • (Score: 3, Insightful) by novak on Friday October 02 2015, @06:28AM

    by novak (4683) on Friday October 02 2015, @06:28AM (#244321) Homepage

    Since Microsoft has never been trustworthy, and recently actively untruthful, I don't see any particular reason to believe them. So let's play a fun little game of deciding what actually happened for them, since their press release may or may not have any connection to reality.

    1. Microsoft was honest. These clownish buffoons actually can't tell the difference between a real update and a test update, even though the test was labeled so blatantly as to be immediately noticed by a user with any technical ability whatsoever. Microsoft is as sharp as ever. Please continue to mock them at your leisure.

    2. The NSA decided to see just how much people trust their software vendors, and made microsoft publish an emergency spying update, because windows 10 doesn't gather enough data on its own (ell-oh-ell). We already know that microsoft would do anything asked by big brother, so why not?

    3. Some hackers (most likely microsoft employees) gained access to the update servers and tried to burn down the whole world. Since the odds are they're useless script kiddies, they goofed, the update is harmless, and microsoft decided to sweep it under the rug. (Or it is some form of time bomb that microsoft thinks they can fix in time). Interestingly, in this scenario, microsoft isn't the only party that deserves ridicule.

    1 is clearly the most likely, but also the most boring. At any rate, anyone who trusts microsoft with their computer is even more stupid looking than usual today.

    --
    novak
    • (Score: 2) by meisterister on Saturday October 03 2015, @05:55PM

      by meisterister (949) on Saturday October 03 2015, @05:55PM (#244896) Journal

      4 (which is a modified 2): Microsoft intentionally published the update to find out how attentive its users are.

      --
      (May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
  • (Score: 0) by Anonymous Coward on Friday October 02 2015, @05:48PM

    by Anonymous Coward on Friday October 02 2015, @05:48PM (#244578)

    somebody with super co-ordination skills, trusted by judges, nuke operators and the overall government to chauffeur them around
    town, accidentally tripped, fell on somebody attractive who in the falling-down process lost their pants and panties and got
    shafted in the backhole whilst having to enjoy an accidental orgasm because the most trusted chauffeur hit the funny-bone AND heard a
    joke about linux lusers on the way down .. and in.
    oh well ...