• @CriticalMiss
    link
    English
    2013 days ago

    Hate to be that guy but if you automatically patch critical infrastructure or apply patches without reading their description first, you kinda did it to yourself. There’s a very good reason not a single Linux distribution patches itself (by default) and wants you to read and understand the packages you’re updating and their potential effects on your system

    • @[email protected]
      link
      fedilink
      English
      2513 days ago

      While you are generally correct, in this case the release notes labeled this as a security update and not an OS upgrade. The fault for this is Microsoft’s not the sysadmin.

    • @[email protected]
      link
      fedilink
      English
      1513 days ago

      Many distros (at least Ubuntu) auto-installs security updates, and here a mislabeled “security update” was auto-installed. This is not the fault of the sysadmins.

      • @[email protected]
        link
        fedilink
        English
        713 days ago

        here a mislabeled “security update” was auto-installed.

        To be fair, you would have to read all the way to the first paragraph to get this information from the article. Hard to blame people for not knowing this critical bit of information when it was buried so deep

    • @[email protected]
      link
      fedilink
      English
      213 days ago

      There’s a lot of people out there running automation to keep their servers secure. Well I agree any automation out there should be able to flag and upgrade excluded, It would seem to me like Microsoft should own some of the blame for a full ass hard to uninstall OS update fed in with the same stream and without it interaction. I kind of expect my OS in stall pop up a window and say hey a****** this is going to upgrade your system, are you cool with that. I don’t know how it works these days but I know back in the day going between versions you would have to refresh your licensing on a large upgrade.

      • @CriticalMiss
        link
        English
        512 days ago

        Unlike with other OSes Microsoft releases all of their patches on Tuesday at around the same time in one big batch. I spend my Tuesday morning reading the patch descriptions and selectively applying them. A method that hasn’t failed me once.

        • @[email protected]
          link
          fedilink
          English
          112 days ago

          Yeah, I’m using Ninja on about 120 boxes. It’s set to auth critical only. If someone reports a problem, we’ll go ahead and blacklist that update temporarily while we sorted out even though it’s semi-automated they never happen all at once there’s always a couple of canaries that get up a little early.