I love how this doesn’t even begin to cover bad kbs ms pushed out. The fact that windows admins think testing updates before deploying them is a routine operation that should always be done boggles my mind.
Oh, and the one that did an in-place-upgrade by itself, then locked your server cause it wasn’t licensed for the new OS version.
Wasn’t that primarily an issue with a third party software? And the server shouldn’t be locked by now since I believe you get a trial period of a few months. Our servers didn’t upgrade to 2025 but we use WSUS.
The third party software did exactly what it was designed to do:
Push security updates automatically, while holding back feature updates for testing.
This is standard operating procedure. Security updates are not supposed to change anything about how a server works, so the risk of breakage is very low.
And they need to be installed as fast as possible, to patch holes that are now known to every attacker.
Microsoft were the ones who pushed out a new Server OS installation and labelled it as security update.
I still remember the update that sent domain controllers into a bootloop.
That was fun!
And the one that bluescreened all Windows servers.
No, the other one!
Oh, and the one that did an in-place-upgrade by itself, then locked your server cause it wasn’t licensed for the new OS version.
I love how this doesn’t even begin to cover bad kbs ms pushed out. The fact that windows admins think testing updates before deploying them is a routine operation that should always be done boggles my mind.
Wasn’t that primarily an issue with a third party software? And the server shouldn’t be locked by now since I believe you get a trial period of a few months. Our servers didn’t upgrade to 2025 but we use WSUS.
Or are you talking about something older?
The third party software did exactly what it was designed to do:
Push security updates automatically, while holding back feature updates for testing.
This is standard operating procedure. Security updates are not supposed to change anything about how a server works, so the risk of breakage is very low.
And they need to be installed as fast as possible, to patch holes that are now known to every attacker.
Microsoft were the ones who pushed out a new Server OS installation and labelled it as security update.