Random Thread - Anything Goes
-
@Dashrender said in Random Thread - Anything Goes:
So, like Dustin mentioned - short of a broken update mechanism (sadly something that seems to happen a lot, like greater than 5% of the time) if it says it's up to date, it should be - at least for Windows...
Even brand new, pristine Windows that is never, ever true. It's always incorrect. I just did 70 Windows boxes ranging from Windows 7 to 10, and Server 2008 R2 to 2019, every single one of them said it was up to date, and not one was. They ranged from missing one patch from a few days before (only one or two were that good) to at least five or six had never had a single update, ever with at least three missing six years of updates!
Every one said it was up to date.
-
@scottalanmiller said in Random Thread - Anything Goes:
@Dashrender said in Random Thread - Anything Goes:
So, like Dustin mentioned - short of a broken update mechanism (sadly something that seems to happen a lot, like greater than 5% of the time) if it says it's up to date, it should be - at least for Windows...
Even brand new, pristine Windows that is never, ever true. It's always incorrect. I just did 70 Windows boxes ranging from Windows 7 to 10, and Server 2008 R2 to 2019, every single one of them said it was up to date, and not one was. They ranged from missing one patch from a few days before (only one or two were that good) to at least five or six had never had a single update, ever with at least three missing six years of updates!
Every one said it was up to date.
What are you basing that on? Definitely not saying you're wrong, I'm just wondering what you are using to verify what is and is not installed? Manually running the update? a third party tool? a powershell script?
-
@Dashrender said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
@Dashrender said in Random Thread - Anything Goes:
So, like Dustin mentioned - short of a broken update mechanism (sadly something that seems to happen a lot, like greater than 5% of the time) if it says it's up to date, it should be - at least for Windows...
Even brand new, pristine Windows that is never, ever true. It's always incorrect. I just did 70 Windows boxes ranging from Windows 7 to 10, and Server 2008 R2 to 2019, every single one of them said it was up to date, and not one was. They ranged from missing one patch from a few days before (only one or two were that good) to at least five or six had never had a single update, ever with at least three missing six years of updates!
Every one said it was up to date.
What are you basing that on? Definitely not saying you're wrong, I'm just wondering what you are using to verify what is and is not installed? Manually running the update? a third party tool? a powershell script?
Manual. When you say "check now", it changes from "Up to Date" to "Missing 150 patches".
And that's a real number. Machines that had zero updates for six years said that they were up to date, but when you manually forced it to verify that, the OS would instantly switch to "eek, I'm SO out of date!!"
Clearly the OS can know, but there's nothing actually checking and updating that message. It just always says that.
-
@scottalanmiller said in Random Thread - Anything Goes:
Clearly the OS can know, but there's nothing actually checking and updating that message. It just always says that.
So your complaint is about software that wasn't designed to go out and update the "Hey I'm due for updates dipshit" alert that has existed for years as a wholly manual operation.
I understand the complaint, but the issue shouldn't be with a known mechanism that requires interaction, but instead the complaint should be that the administrator is upset that they didn't know about this manual requirement.
Only until recently (Windows 10) did update notifications get pushed to the desktop.
-
@scottalanmiller said in Random Thread - Anything Goes:
@Dashrender said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
@Dashrender said in Random Thread - Anything Goes:
So, like Dustin mentioned - short of a broken update mechanism (sadly something that seems to happen a lot, like greater than 5% of the time) if it says it's up to date, it should be - at least for Windows...
Even brand new, pristine Windows that is never, ever true. It's always incorrect. I just did 70 Windows boxes ranging from Windows 7 to 10, and Server 2008 R2 to 2019, every single one of them said it was up to date, and not one was. They ranged from missing one patch from a few days before (only one or two were that good) to at least five or six had never had a single update, ever with at least three missing six years of updates!
Every one said it was up to date.
What are you basing that on? Definitely not saying you're wrong, I'm just wondering what you are using to verify what is and is not installed? Manually running the update? a third party tool? a powershell script?
Manual. When you say "check now", it changes from "Up to Date" to "Missing 150 patches".
And that's a real number. Machines that had zero updates for six years said that they were up to date, but when you manually forced it to verify that, the OS would instantly switch to "eek, I'm SO out of date!!"
Clearly the OS can know, but there's nothing actually checking and updating that message. It just always says that.
OK, but what date/time did it have as last updated? was it today, or even yesterday? if not, well then of course it's not updated... and that's the brokenish that I see frequently... it's not even checking...
-
@DustinB3403 said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
Clearly the OS can know, but there's nothing actually checking and updating that message. It just always says that.
So your complaint is about software that wasn't designed to go out and update the "Hey I'm due for updates dipshit" alert that has existed for years as a wholly manual operation.
I understand the complaint, but the issue shouldn't be with a known mechanism that requires interaction, but instead the complaint should be that the administrator is upset that they didn't know about this manual requirement.
Only until recently (Windows 10) did update notifications get pushed to the desktop.
No - he has a legitimate gripe... updates that are supposed to be happening automatically daily simply aren't. His picture showed one example from 2017... Assuming that was one of these recent machines - what is the excuse this machine has for not having "Last Checked" be much more recent? Windows 10 is SUPPOSED TO BE - a freakin' service - lol... but updates are as broken now as they have ever been.
-
@Dashrender said in Random Thread - Anything Goes:
@DustinB3403 said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
Clearly the OS can know, but there's nothing actually checking and updating that message. It just always says that.
So your complaint is about software that wasn't designed to go out and update the "Hey I'm due for updates dipshit" alert that has existed for years as a wholly manual operation.
I understand the complaint, but the issue shouldn't be with a known mechanism that requires interaction, but instead the complaint should be that the administrator is upset that they didn't know about this manual requirement.
Only until recently (Windows 10) did update notifications get pushed to the desktop.
No - he has a legitimate gripe... updates that are supposed to be happening automatically daily simply aren't. His picture showed one example from 2017... Assuming that was one of these recent machines - what is the excuse this machine has for not having "Last Checked" be much more recent? Windows 10 is SUPPOSED TO BE - a freakin' service - lol... but updates are as broken now as they have ever been.
That gripe isn't what he's complaining about. He's complaining that he isn't being told there are updates available. Which that "Check for updates" has always been a manual process until recently (within a few years).
It's still manual optional by allowing you to "check for updates" on demand.
-
And as for the the updates not being done, that is also the administrator’s problem to not have configured the devices to check automatically.
-
-
-
-
@nadnerB said in Random Thread - Anything Goes:
Reward2: Not being clawed to shreds for petting the kitty.
-
@JaredBusch said in Random Thread - Anything Goes:
And as for the the updates not being done, that is also the administrator’s problem to not have configured the devices to check automatically.
What? that's the default setting in Windows 10 - you have to go out of your way to disable that.
-
@JaredBusch said in Random Thread - Anything Goes:
And as for the the updates not being done, that is also the administrator’s problem to not have configured the devices to check automatically.
It was caused by NinjaRMM. Apparently it disables all patching, but then reports that patching is done so that it looks like it is handling things when, in fact, it is disabling them. So people were checking for years (via NinjaRMM rather than manually) and thinking that it was patching.
So even when people set it to check, it would get turned off. The error was in believing the RMM and not verifying it when it said that it was doing something.
-
@scottalanmiller said in Random Thread - Anything Goes:
@JaredBusch said in Random Thread - Anything Goes:
And as for the the updates not being done, that is also the administrator’s problem to not have configured the devices to check automatically.
It was caused by NinjaRMM. Apparently it disables all patching, but then reports that patching is done so that it looks like it is handling things when, in fact, it is disabling them. So people were checking for years (via NinjaRMM rather than manually) and thinking that it was patching.
So even when people set it to check, it would get turned off. The error was in believing the RMM and not verifying it when it said that it was doing something.
Holy hell!
-
@scottalanmiller said in Random Thread - Anything Goes:
@JaredBusch said in Random Thread - Anything Goes:
And as for the the updates not being done, that is also the administrator’s problem to not have configured the devices to check automatically.
It was caused by NinjaRMM. Apparently it disables all patching, but then reports that patching is done so that it looks like it is handling things when, in fact, it is disabling them. So people were checking for years (via NinjaRMM rather than manually) and thinking that it was patching.
So even when people set it to check, it would get turned off. The error was in believing the RMM and not verifying it when it said that it was doing something.
This sounds like a lazy administrator had something misconfigured, or just didn't care, in either case the issue lies with a human error / laziness.
-
@scottalanmiller said in Random Thread - Anything Goes:
The error was in believing the RMM and not verifying it when it said that it was doing something.
The error was not correctly configuring the RMM.
-
@JaredBusch said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
The error was in believing the RMM and not verifying it when it said that it was doing something.
The error was not correctly configuring the RMM.
Nice try, but the vendor couldn't figure it out either. We've heard from other companies that have used it that they have the same problem. It's not supposed to need to be configured, either, the setting to keep it patched and report on it being patched was configured, but it doesn't do what is described.
-
Even if that wasn't the problem, that you have to manually reconfigure an RMM because the assumption that a default disables patching, but claims to be patching is just as absurd and ridiculous.
-