Hate to be that guy but if you automatically patch critical infrastructure or apply patches without reading their description first, you kinda did it to yourself. There’s a very good reason not a single Linux distribution patches itself (by default) and wants you to read and understand the packages you’re updating and their potential effects on your system
this post was submitted on 07 Nov 2024
515 points (98.0% liked)
Technology
59148 readers
2144 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
While you are generally correct, in this case the release notes labeled this as a security update and not an OS upgrade. The fault for this is Microsoft's not the sysadmin.
"Labeling error"
Lol, okay.
Why do my windows upgrades never run this smoothly?
I know this has nothing to do with my home computer, but this just further affirms my decision to switch to Linux earlier this year.
Copilot just forced itself onto my personal machines again so it's just typical Windows fuckery all around.
I'm truly, totally, completely shocked ... that Windows is still being used on the server side.
We run a lot of Windows servers for specialized applications that don't really have viable alternatives. It sucks, but it's the same reason we use Windows clients.
A bunch of enterprise services are Windows only. Also Active Directory is by far the best and easiest way to manage users and computers in an org filled with a bunch of end users on Windows desktops. Not to mention the metric shitload of legacy internal asp applications...
Yeah at work we do a lot of internal microsoft asp stuff, poweshell, AD, ms access, all that old legacy ms stuff
When the OS becomes the virus
When reading comprehension is limited to the title.
MS mislabeled the update
Heimdal (apparently a patchmanagement) auto-installed the falsely labeled update.
If OP (this was reported by a Redditor on r/sysadmin) and their company is unable to properly set grace periods for windows updates I can't help them either.
IMHO you are supposed to manually review and release updates either on a WSUS or the management interface of your patching solution.
Not just "Hehe, auto install and see what happens".
And if you do that shit, set a timeout for 14 days at least for uncritical rated updates.
They said they believe it was a mislabeled update. MS didn't respond. Before criticizing others for their reading comprehension, I think you could work on yourself too.
There is a world, and it may be ours, where MS purposefully pushes this out. As the end of the article makes clear, this will be only a minor issue for those with good backup (which they probably all should but they don't), but for those who don't they'll be stuck with the new version and have to pay for the license of it. This is a large benefit to MS while they also get to pretend like it's just a mistake and not having backups makes it your issue, not theirs.
I come to the comments for someone to summarise the article for me.
You thought you were in control?
Our server, comrade.
Since rolling back to the previous configuration will present a challenge, affected users will be faced with finding out just how effective their backup strategy is or paying for the required license and dealing with all the changes that come with Windows Server 2025.
Accidentally force your customers to have to spend money to upgrade, how convenient.
Uh, if they didn't ask for it, how is Microsoft going to make them pay for it?
Good luck arguing with Ms if you aren't a giant company
Congratulation, you are being upgraded. Please do not resist. And pay while we are at it.
We are the Borg.
I have a message and a question.
A message from ESR and a question from me.
load more comments
(11 replies)
Misleading title. It was installed by a third-party updater, Heimdall, but MS labeled a Windows 11 update wrong.
Wrong.
Microsoft labelled the update as a security update
Do you know that's nor a mistake and done fully malicously knowing that? Please give me your source.
Read the fucking article.
The patch id couldnt be any clearer.
They labelled an OS version upgrade as a security update.
Yet another reason to not do auto-updates in an enterprise environment for mission-critical services.
In an enterprise environment, you rely on a service that tracks CVEs, analyzes which ones apply to your environment, and prioritizes security critical updates.
The issue here is that one of these services installed a release upgrade because Microsoft mislabelled it as security update.
load more comments
(4 replies)
view more: next ›