Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday August 08 2015, @06:35AM   Printer-friendly
from the now-THAT-is-what-I-call-a-DDoS! dept.

The problem is affecting domain-attached Windows 7 PCs not signed up to Windows Server Update Services (WSUS) for patches and updates, but looking for a Microsoft update instead.

The upshot is PCs, ranging from 10s to hundreds at a time, simultaneously chowing down on the 3GB-plus Windows 10 load, killing business networks.

[...] And it’s all happening despite Microsoft promising – here – that it wouldn’t.

[...] Users have logged urgent enquiries with Microsoft’s helpdesk but in the meantime have resorted to triage to stop the problem.

That means blocking traffic at the firewall stage that would normally have gone to Microsoft Update. Another option is to switch settings to the WSUS server.

Any Soylentils run into this problem? What have you done to cope with it?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by ledow on Saturday August 08 2015, @02:12PM

    by ledow (5567) on Saturday August 08 2015, @02:12PM (#219872) Homepage

    There's a reason that - outside of work - I disable and block auto-update of anything and everything that tries.

    Sorry, but the right to run unknown executable code on my machine is something that I don't offer to everyone, for the same reason that I don't run random executables from the Internet, I can't let Microsoft execute a single byte of code other than that I specify or know about. Not because I think they are being malicious rather than just stupid, but because it doesn't matter their intentions - the facility is there to do harm with even an innocent action.

    That something has connected to the Internet, been told to download stuff, downloaded random executable and is one instruction away from executing them without my knowledge? Sorry, but I find that unacceptable. So you will get blocked. And turned off. And disabled. And removed. And whatever I can do to stop that shit. It doesn't matter that it's signed, certified or anything else. It's without my consent or knowledge, so it doesn't happen.

    It's not what's happened, it's the principle of what's happening here.

    Even on Linux, I do apt-get update on MY schedule. I then look and see what it wants to upgrade. I then check to see why it's upgrading them (mailing lists of ubuntu packages normally). Then, if necessary, I instruct it to proceed. If it touches a service or program I don't want to risk upgrading, it gets checked twice. Because, even now, I have a broken MySQL installation on one external server because an upgrade partially failed, despite being identical to other machines where it didn't. So now I have to clear up the mess. Fortunately, I knew it was coming so tested it in parts and nothing vital could have been lost, but it's not the point. Auto-update is dangerous and not compatible with predictable computing. That's why WSUS is a business feature, because they can't tolerate that kind of shit happening automatically, and even there companies get mis-treated and forced to apply updates, and have updates "sneaked in" like this, or disguised as security updates (sorry, but the Windows 8.1 and Windows 10 upgrade dialogs ARE NOT SECURITY UPDATES - you fuckers!).

    With snapshot, rollback, virtualisation, etc. I honestly do not understand auto-update. Nor why we can't just say "That fucked my computer up, please revert to your state yesterday" (don't even get me started on System Restore's worthless rollbacks.

    Starting Score:    1  point
    Moderation   +3  
       Insightful=2, Interesting=1, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5