MS Sneaks Win10 Upgrade Spam in IE11 Security Update

This broke my trust with Microsoft. If this was greenlighted, I wonder how long it will be before we are required to install W10. I mean who in the right mind at Microsoft green lighted putting it in an internet explorer update to bypass current blocks on the upgrade?
 
This broke my trust with Microsoft. If this was greenlighted, I wonder how long it will be before we are required to install W10. I mean who in the right mind at Microsoft green lighted putting it in an internet explorer update to bypass current blocks on the upgrade?

Is it confirmed that this actually bypasses a Group Policy block on the W10 upgrade? If the upgrade itself is blocked, a standard user shouldn't have access to run it without authenticating, even if they see the promo box for it.
 
Is it confirmed that this actually bypasses a Group Policy block on the W10 upgrade? If the upgrade itself is blocked, a standard user shouldn't have access to run it without authenticating, even if they see the promo box for it.

It bypassed the +200 systems on our work domain. They couldn't install it because of a group policy but all of our systems are on a domain and have precautions installed to prevent the install from even showing up.
 
It's bad 'security' to run an outdated OS such as Windows 7 or 8.1

Windows 7 is fully supported my Microsoft until 2020. For enterprise environments like where I work, you don't upgrade anything if it is still supported and works.
 
It's bad 'security' to run an outdated OS such as Windows 7 or 8.1

It's also bad 'security' to run an OS that installs updates on its own on day 1 when too many times in the past those updates have been the root cause of other issues, including machines being completely dead in the water and having to be re-imaged or patched (when a patch is released) in order to restore functionality.

Please, show me where a 7 or 8.1 machine has been utterly and catastrophically hacked because of the OS being "outdated". Hell, show me where an XP machine has been, because the last time I checked, I haven't heard of anything like that happening yet either. Yet the FUD train continues, because bleeding edge is the only place to be, where Microsoft makes all your decisions for you.
 
It bypassed the +200 systems on our work domain. They couldn't install it because of a group policy but all of our systems are on a domain and have precautions installed to prevent the install from even showing up.

If they couldn't install it, it's not a bypass. Your GP is working properly.

Just one more reason to migrate to a more robust browser than IE11 if you have a problem with the ads in the browser itself.
 
Wonder how far Microsoft is going to push this... :rolleyes:
 
"On non-domain joined machines this adds a blue banner when a user opens a "New Tab" saying "Microsoft recommends upgrading to Windows 10"

don't worry heatlessun will be on shortly to defend this move by Microsoft...anyone that defends this move needs to get their heads checked...this is the main reason why I wait 2-3 weeks before installing any new updates
 
"On non-domain joined machines this adds a blue banner when a user opens a "New Tab" saying "Microsoft recommends upgrading to Windows 10"

don't worry heatlessun will be on shortly to defend this move by Microsoft...anyone that defends this move needs to get their heads checked...this is the main reason why I wait 2-3 weeks before installing any new updates

This didn't even come in an update that you could stop. My work system has automatic updates turned off. The last time I got an update that wasn't installed using our enterprise management system (that I also am in charge of) was Feb 4th. This is the problem that I have with it. It didn't install through windows update. It might have come in a critical fixlet that I deployed, but Microsoft went out of their way to make sure it wasn't a part of the patch notes or anything that would hint that the W10 installer would be included.
 
Microsoft went out of their way to make sure it wasn't a part of the patch notes or anything that would hint that the W10 en installer would be included.

Exactly.
As the article says:
The primary purpose of security update MS16-023 for Internet Explorer -- which was released just yesterday -- is, according to support document KB 3139929, to resolve "several reported vulnerabilities" in the browser, including one which "could allow remote code execution if a user views a specially crafted webpage in Internet Explorer".

However, it also states that the security update includes "several nonsecurity-related fixes for Internet Explorer".

Click that link and you’ll be shown some more KB article numbers, including KB 3146449. This is described as "Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7" which naturally starts alarm bells ringing.

Clicking that link reveals that the update "adds functionality to Internet Explorer 11 on some computers that lets users learn about Windows 10 or start an upgrade to Windows 10. Before you install this update, see the Prerequisites section. For more information about Windows 10, see Windows 10".

BS is buried under several nested links and nested updates.
Short of installing updates anyway (which they've done before), this is the next worst thing IMHO.
Par for the course.
I recently had to re-image and updated to 10 but I'm regretting that at this point. I'm about to blow another few hours re-imaging back to 7 (with updates disabled) because of this type of shit. They're pulling it now where people have partial choices, and it's only going to get worse when they start doing this stuff in 10 because you have no choice on updating.
 
pretty soon Windows 7 is going to transform into a giant ad for Windows 10...Get Windows 10 Desktop wallpaper, screen saver, banners at the top of every folder and webpage...MS just needs to go all out and do what they really want- end support for Windows 7 altogether...when you have to choose between getting critical security updates and a Windows 10 banner ad, MS has truly gotten to the point of no return

I wonder if the public outcry will get MS to separate the IE security update from the banner ad...since they have 2 separate KB numbers it should be relatively easy to do on their end
 
I rarely use IE anyways, but this is still annoying.
 
I wonder if the public outcry will get MS to separate the IE security update from the banner ad...since they have 2 separate KB numbers it should be relatively easy to do on their end

People are fucking stupid and don't know the difference nor do they or would they give a shit - they get Windows 10 for free? "Fuck Windows 7/8/8.1, GIMME THE FREE SHIT..." or words to that effect is basically what most any consumer will have as the immediate reaction. The 200+ million already having taken advantage of the free upgrade that Microsoft keeps touting is obviously a perfect example of the stupidity of people in mass quantities if there ever needed to be one. ;)
 
It's bad 'security' to run an outdated OS such as Windows 7 or 8.1
Although I think most home user holdouts are silly, some have legit reasons (WMC) for not upgrading and Windows 7 and 8.1 are not out dated or insecure. I also don't know why MS would force a message on someone that went to extremes to block it.
 
It's also bad 'security' to run an OS that installs updates on its own on day 1 when too many times in the past those updates have been the root cause of other issues, including machines being completely dead in the water and having to be re-imaged or patched (when a patch is released) in order to restore functionality.

Although I don't do it, you can delay updates on 10 Pro, and I assume people who are [H]ard run Pro. I'm certainly not the [H]ardest user here, but I've never run the home version of windows (unless you go back to being a Win 9x, when it was just one version)
 
Who the hell still uses IE?!

Enterprise environments. That and its not like you have to use IE to get updates for it. Its not like Java or Adobe Reader where it lets you know when there is an update and you can download it.
 
Enterprise environments. That and its not like you have to use IE to get updates for it. Its not like Java or Adobe Reader where it lets you know when there is an update and you can download it.

If you never use IE, this update does not negatively affect you in any way. The banner is only present when opening a new tab in IE. Additionally, machines joined to a domain (Enterprise environments) are not supposed to be showing the banner at all. Our machines here at work got the update, but we're not seeing the banner except on nodes that we do not have joined to the domain. The most obnoxious part of it for us is that the message is displayed on W7 VM guests that are not on a domain and cannot be properly upgraded to W10 in the first place.
 
If you never use IE, this update does not negatively affect you in any way. The banner is only present when opening a new tab in IE. Additionally, machines joined to a domain (Enterprise environments) are not supposed to be showing the banner at all. Our machines here at work got the update, but we're not seeing the banner except on nodes that we do not have joined to the domain. The most obnoxious part of it for us is that the message is displayed on W7 VM guests that are not on a domain and cannot be properly upgraded to W10 in the first place.

The banner was a non issue for us. Our group policy blocked that just fine. Our users got the system tray icon with the update and that was more of the problem for us since our users tend to just click everything shiny. It wouldn't let them install Windows 10 if they wanted to, but just having the icon there was enough to cause some headaches over concerned management sending our department some emails.
 
It's bad 'security' to run an outdated OS such as Windows 7 or 8.1

They are not outdated, will get security updates for my 8.1 until 2023 so cut the BS.

I'm not seeing any banner ad anyway so my security setup is working.
 
Exactly. SharePoint.
Even though I've found that Chrome typically renders and works with SharePoint as good as IE in most cases.

I use Chrome too, but most of our employees have one or two things that require use of IE. I even have a few shortcuts in my IE that won't load correctly in Chrome. Mostly just administration dashboards like our Shoretel admin site.
 
According to the Infoworld article, installing KB3139929 (the IE11 security update) causes KB3146449 (the Win10 banner for new tabs in IE11) to also be installed.

I've got GWX Control Panel installed on both my Win7 and Win8.1 PCs, and while KB3139929 shows in the update history for both PCs, neither one has KB3146449, nor does the banner appear in IE11 in new tabs. Neither of these PCs are on a domain. Even though GWX Control Panel hasn't been updated since January, it seems to be effective against this anyway, though I'm not sure how.
 
Wow, sounds annoying. Thankfully I upgraded to Win 10 on day one so this isn't an issue. No nagware here.
 
Windows 7 is fully supported my Microsoft until 2020. For enterprise environments like where I work, you don't upgrade anything if it is still supported and works.

That's actually not true, it ended mainstream support January 13, 2015. Now is the extended support period where it only gets critical security patches. Basically now is the time to start planning your move off 7, because it takes most enterprises years to get that done.
 
That's actually not true, it ended mainstream support January 13, 2015. Now is the extended support period where it only gets critical security patches. Basically now is the time to start planning your move off 7, because it takes most enterprises years to get that done.

Most people here are aware that Windows 7 is not only receiving security updates until 2020 and that's fine. They usually aren't concerned with the bug fixes.
 
It's bad 'security' to run an outdated OS such as Windows 7 or 8.1
Windows 7 is fully supported my Microsoft until 2020. For enterprise environments like where I work, you don't upgrade anything if it is still supported and works.
That's actually not true, it ended mainstream support January 13, 2015. Now is the extended support period where it only gets critical security patches. Basically now is the time to start planning your move off 7, because it takes most enterprises years to get that done.

AltTabbins was replying to bigdogchris who said it was bad security to use Windows 7. In that context it's fully supported.
 
I think that new tab upgrade notification relies on other updates being installed. Since I avoided all those other W10 malware Windows updates, I don't see a notification in IE11. Small win!
 
It's also bad 'security' to run an OS that installs updates on its own on day 1 when too many times in the past those updates have been the root cause of other issues, including machines being completely dead in the water and having to be re-imaged or patched (when a patch is released) in order to restore functionality.

Please, show me where a 7 or 8.1 machine has been utterly and catastrophically hacked because of the OS being "outdated". Hell, show me where an XP machine has been, because the last time I checked, I haven't heard of anything like that happening yet either. Yet the FUD train continues, because bleeding edge is the only place to be, where Microsoft makes all your decisions for you.
It was a tongue-in-cheek comment... I was making fun of Microsoft.

On side note, I recently tried IE11 on 7 with fully patched security updates and did not see any usual Windows 10 prompts other than the ones you get on msn.com. Has anyone actually seen what this new prompt looks like?
 
My work computer finally has the icon on the start bar for Win10...I wonder if it was this update that made that happen. We use "OnePath" formally known as "BlueWave" for IT. Hmmm

Also, fuck Win10.
 
was the 'Get Windows 10' banner removed?...I don't see it in IE11 and I just did a reformat the other day...maybe MS came to their senses and realized that putting that crap into a security update was a stupid thing to do
 
was the 'Get Windows 10' banner removed?...I don't see it in IE11 and I just did a reformat the other day...maybe MS came to their senses and realized that putting that crap into a security update was a stupid thing to do

It only displayed the first time IE11 was run after the KB was installed, iirc.
So it wouldn't be displayed on subsequent uses of the application.
 
It only displayed the first time IE11 was run after the KB was installed, iirc.
So it wouldn't be displayed on subsequent uses of the application.

cool, I didn't know that...so why the big uproar if it was just a 1 time thing...I thought it was set to display in the New Tabs page every time...the internet made it a bigger deal then it was
 
Back
Top