Microsoft still not said anything about unexpected Windows Server 2025 installs

Microsoft remains silent over Windows Server 2025 turning up in the guise of a security update earlier this week, much to the chagrin of affected administrators.

On November 5, Microsoft seemingly mislabeled the Windows Server 2025 upgrade with a globally unique identifier (GUID) reserved for updates. The result was that some administrators were faced with a surprise install of Windows Server 2025, thanks to patching software downloading and installing what was tagged as an update but turned out to be a whole new operating system.

The erroneous labeling itself was not enough to trigger an installation. However, some deployments of third-party patching software misclassified it and applied it to servers. The problem was initially noted by a customer of security business Heimdal, who arrived in the office to find Windows Server 2025 unexpectedly on their hardware.

According to Heimdal, Microsoft mistakenly labeled the Windows Server 2025 upgrade as KB5044284, a security update.
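The failure mode described above is an update whose catalog classification (security update) disagrees with what it actually is (an OS upgrade). The following is an added illustration, not Heimdal's or Microsoft's code, of a pre-approval gate that a patch-management pipeline could run before unattended deployment: it holds any entry whose title carries upgrade markers, whose payload is implausibly large for a monthly patch, or whose classification is not a security update. The record shape, size threshold, titles and placeholder KB numbers are constructed for the example; only KB5044284 comes from the article.

```python
from dataclasses import dataclass

@dataclass
class UpdateRecord:
    """Minimal metadata a patch tool sees for a catalog entry (hypothetical shape)."""
    kb: str
    title: str
    classification: str
    size_mb: int

# Phrases that indicate an OS or feature upgrade rather than a monthly patch.
UPGRADE_MARKERS = ("windows server 2025", "upgrade to", "feature update")
# Hypothetical ceiling: monthly security updates are far smaller than an OS image.
SIZE_LIMIT_MB = 1500

def triage(update: UpdateRecord) -> tuple[str, list[str]]:
    """Return ("auto-approve", []) or ("hold", reasons).

    Only a security update with no upgrade indicators and a plausible payload
    size is eligible for unattended deployment; everything else waits for a human.
    """
    reasons = []
    if update.classification.lower() != "security updates":
        reasons.append(f"classification '{update.classification}' is not a security update")
    title = update.title.lower()
    hits = [m for m in UPGRADE_MARKERS if m in title]
    if hits:
        reasons.append(f"title contains upgrade marker(s): {hits}")
    if update.size_mb > SIZE_LIMIT_MB:
        reasons.append(f"payload {update.size_mb} MB exceeds {SIZE_LIMIT_MB} MB limit")
    return ("hold", reasons) if reasons else ("auto-approve", [])

def review_catalog(records: list[UpdateRecord]) -> dict[str, tuple[str, list[str]]]:
    """Map each KB number to its triage decision and the reasons behind it."""
    return {r.kb: triage(r) for r in records}

# Constructed sample catalog. KB5044284 is the number the article reports; its
# title and size, and the two placeholder entries, are invented for this example.
SAMPLE_CATALOG = [
    UpdateRecord("KB5044284", "Windows Server 2025", "Security Updates", 4800),
    UpdateRecord("KB-PLACEHOLDER-1", "2024-11 Cumulative Update for Windows Server 2022", "Security Updates", 700),
    UpdateRecord("KB-PLACEHOLDER-2", "Intel - Net - network adapter driver", "Drivers", 12),
]

if __name__ == "__main__":
    for kb, (decision, reasons) in review_catalog(SAMPLE_CATALOG).items():
        print(f"{kb}: {decision}", "; ".join(reasons))
```

With the constructed catalog, the mislabeled KB5044284 entry is held on two counts (upgrade marker in the title and oversized payload), the ordinary cumulative update is auto-approved, and the driver package is held because it is not classified as a security update.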

Morten Kjaersgaard, chairman and founder of Heimdal, told The Register: "We noticed that the Microsoft Server 2025 migration is automatic, which is mindbogglingly dangerous given the operational risk for customers facing unexpected downtime.

"On top of that, which is extremely concerning, the licensing check for Server 2025 happens only after the upgrade, which is completely irrational and adds further risk for end users, because you are then forced to pay for a new license, post your upgrade, as a rollback is virtually impossible to guarantee.

"Imagine if your electric car - say, a Tesla - received an automatic software update, but you couldn't drive on the new version, until you entered your credit card details to pay the full MSRP once again for the upgrade. Tesla would promptly be out of business, especially since you already paid for the car once."

Days after we asked the company for comment, a Microsoft spokesperson told El Reg "we're looking into this" and promised an update if it had anything to add. Since then, silence.

For affected administrators, silence will not be acceptable. Kjaersgaard told us on November 7 that Microsoft had pulled back the update, though he hadn't seen any sign of a rollback being made available. He noted that such a rollback would be "technically very challenging" and said Heimdal was committed to ensuring that affected customers have a way forward via the company's Microsoft contacts.

A problematic update causing problems on Windows hardware? It all sounds rather familiar, though thankfully more limited in scope.

Jim Gaynor, editorial vice president at IT consultancy Directions on Microsoft, drew parallels with the CrowdStrike incident. He said: "This underscores that customers need to have careful monitoring of their patch/update management systems to avoid unintended consequences, and they should also have solid backup and restore processes in place to be able to recover from a failed patch/update of any sort. The CrowdStrike incident was just four months ago, after all - it's the same lesson.

"It also shows the risk of Microsoft promoting paid and/or potentially disruptive upgrades in 'trusted' channels that have traditionally been reserved for items customers could more or less blindly accept. Items that customers have been encouraged to quickly accept in the name of maintaining security.

"By putting something like an OS upgrade that requires paid license keys to activate in that channel, it means that a small error in labeling or classification or even a misclick from a hurried user could have some pretty serious consequences.

"Overall, whether it's CrowdStrike, Microsoft, or anyone else, vendors need to exercise care in how they present and deliver updates and patches - and putting a paid upgrade in the channel used for updates and patches is a risky and, in my opinion, ill-considered move that doesn't serve their customers." ®
