Browsing articles from "July, 2016"
Jul
17
2016

Windows 10 Upgrade Malware

The title of this Blog Post I think sums up my feelings on this, I think most users feel the same way too.  I am of course referring to the F*”$ing annoying updater app which sneaks in through Windows Updates on Windows 7, 8 and 8.1.

I maintain an installation of Windows 8.1 on my main box so I can support clients who run Windows and more importantly Windows Domains, this week I’ve been pretty stacked out working a big migration project for a client on site, it has a very tight programme.  I needed to leave MediaCity at a reasonable time to get back home to let the Landlord of my property in to replace a shower which had given up the ghost, I thought “no bother I can work on this at home while I wait for the landlord and then after he’s left I can probably get another couple of hours in”,  Windows had other ideas!!  I’ll be honest I don’t use my Windows 8.1 installation that often, infact I think it’s been a couple of months since I last booted it. But I’ve been fighting with the Windows 10 updater for a 3 or 4 months now (since 10 was released I think), cancelling it whenever it popped up and I think I had the famous Windows will install Windows 10 in 14 minutes window once which I promptly disabled.

It might be worth mentioning at this point that I have an instance of Windows 10 running in a VM I’ve been running since Beta and upgraded to a Full License about a month after it was released, at the moment running it in a VM is about as far as I want to go especially as I’ve had to roll it back when Windows Updates stuffed it a couple of months back.  I’m also trying to come up with a relatively sane schema for Security/Privacy especially as I’m supposed to be advising clients on rolling out Windows 10 in a business environment.

I’m a realist, I know that Microsoft will eventually curtail their support for Windows 7 and 8 and it’s likely to be fairly soon in the case of 7 which has been around since 2009.  Microsoft’s strategy is to support one platform only to reduce costs overall, they are in a slow decline so they need to sharpen up and supporting lots of different versions of Windows for different platforms isn’t business savvy, all this adds upto I need to get up to speed on 10 as I will need to support it en masse in the near future. However I’d like the ability to make that decision for myself .

I’ve heard lots of nightmare stories about the stealth updating of Windows 7 and 8 for a couple of months now, including a phone call from my Mum telling me that her computer was trying to upgrade the OS to 10 but I didn’t really take notice, the couple of times I’ve run my Windows 8.1 install I had just put up with constantly saying “no”, I braced myself when 10 was launched (as when I bought my 8.1 License it had a pamphlet in the box which said I had a free upgrade to 10 when it was released!!).  But on Thursday Evening I got bitten by the B”*£”$d App from Satan, as soon as I logged in the window appeared telling me it was going to upgrade to Windows 10 in 14 minutes, I looked for a cancel or decline button in the window but couldn’t find one so in haste I clicked the close window cross at the top right thinking that would stop it from continuing and got on with the work I needed to do not thinking anything more of it.  Landlord arrived, I let him in, turned the water off at the main feed and went back to work.  10 minutes later Landlord had finished I saw him to the door had a short conversation when I came back to the office to continue I found a black screen with a progress circle on it and Windows is Updating written in the middle of it.  There were plenty of expletives I can tell you!!  I sat and thought “if I kill the power now”, it was about 12% in at this point “chances are I’ll Banjax my Windows 8.1 install and it’ll be worthless and require a reinstall!!”  So I left it to the upgrade, I booted up my laptop and did abit of Googling and found that the installer creates a backup point of your 8.1 or 7 install before upgrading to 10 so for the first month you have the ability to go back to how it was!!  This was abit of a relief.  So the upgrade takes about 35 minutes (I have a fairly studly main box, i7 Extreme with 16Gb of RAM) and reboots your machine 3 times during the process.  The final part of the install, which makes me laugh now, is “Installing Hardware Drivers” then you boot back into Windows propper.

As soon as I got to the Login prompt I knew I had a problem, I have Dual 24″ Monitors attached, just one came to life with a ridiculously large login prompt, I ploughed on and entered my password and logged in.  It was as I feared I had been given Noddy Windows with a stunning 640×480 resolution and it looked terrible!!  First thing I thought was I’ll run the Nvidia Experience app and see if I can install the Windows 10 drivers through that and get the display looking something reasonable, it launched and was sized for a native resolution slightly larger than the current one so was Bloody huge, and obscured by the Windows 10 Awesome New Features window, Great!!  I managed to tab around the window but couldn’t get it to install a new driver.  I concluded it need all the third party drivers reinstalling for Windows 10, something I couldn’t easily do there and then and at this point I was still optimistically entertaining the idea I still might get some work done that evening!!  So I went straight to the Recovery Panel and rolled it back to 8.1, it then asked me why I wanted to go back…unbelievable!!  Again it rebooted itself into the shell installer and reverted back, it took about 20 minutes to do this and on rebooting it took about 10 minutes before I got to the login prompt again.  Buttocks clenched I logged back in hoping it would be as I left it, it was thankfully, the stuff I’d been working on before it took control had been lost it hadn’t bothered to save anything.  Thankfully the apps I was using have crash recovering so they showed me the recover files, however the ordeal wasn’t quite over yet, I thought I’ll reboot it again to be on the safe side.  I went to restart through the start menu and saw the updates icon next to Shutdown, clicked the arrow at the side as I wanted to reboot anyway and usually you get shutdown or reboot without installing updates but this time they weren’t present.  By this time my suspicions had been aroused by the underhanded Windows 10 upgrader so I went and had a look in Windows Updates only to find Windows 10 update, click restart to update.  So despite rolling it back and explaining why you were doing that it was still going to update to Windows 10 again!!!

By this time if there had been a cat in the room it would have been in severe danger (I don’t endorse animal cruelty by the way, it’s a metaphor!!),  more Googling and I found that because people weren’t taking notice of the polite app asking them to upgrade it had decide to send another app down the Windows Update pipeline which had packaged Windows 10 up as an update which WU then tried to apply at every opportunity.  The actual updater app is packaged within update KB3035583 actually categorised as a “Security Update” by WU which I do look at updates before I apply them, this one slipped through the net, so I manually removed it.  During the Windows Update process it dumped 6.0Gb of data onto my local disk, this is the upgrade pack, it can be found in C:/Windows/$WINDOWS.~BT needless to say I deleted that aswell.  I was able then to reboot my system without any further attempts to upgrade.

The reason for all this apparently the free upgrade period comes to an end on July 29th so Microsoft are going to become more persistent to upgrade everyone to 10.  Based on my experience though this is method of hounding people is both irresponsible and reckless, generally when I install/upgrade Windows I have an external hard drive with all the drivers I need for every bit of hardware in the system on standby so I can quickly get the system up to a usable level, because of the Microsoft stealth upgrade I was pretty unprepared and I was left with something that’s barely usable.  Now I’m a SysAdmin and I like to think reasonably experienced, what about a less inexperienced, non technical user what you would leave them with is in their mind a “broken” computer which would require “fixing”.  If this had happened to my Mum especially at the moment, she is going through the process of selling her house and needs the use of her PC frequently, I would have had to go round and sought it out for her.  Other people may have to resort to paying some one to sought that out, this type of stupidity could damage Microsoft’s already tarnished image and cause alot of people to loose confidence in them,  something they can ill afford to do, especially for the more casual computer user who could quite easily defect to Apple.  If you have a problem with your Mac you can take it to an Apple store to get it sorted, where’s my nearest Microsoft store again, oh yes that’s right Fifth Avenue, New York!!

So to summarise what Microsoft did was to place Malware onto a users’ machine which then hijacked it an took control away from the user and then installed a virus on the machine which rendered it crippled.  Great work, you’ll be lucky if maintain your market share this year!!