Starting December 2020, Microsoft will begin Some Windows 10 users about to be force upgraded if they use older versions (windowslatest.com) if they don’t update their PC manually. The move comes after Microsoft announced that it’s ending support for Windows 10 version 1903, including Windows 10 Home and Windows 10 Pro.
It shouldn’t be a concern for most users considering that the tech giant issued the upgrade alert two months ago. Microsoft had also confirmed that it would start forcing people to upgrade even if they don’t want to.
Does anyone even know what all these version numbers even mean anymore? There’s version numbers, date-based names, build numbers – I have completely and utterly lost track of Windows’ development cycle and rollouts.
I’m on Windows 1909 with no update in sight. It seems to be held back even though I cannot find any reason in the issue page for the 10th May 2020 update. I have a Conexant audio driver but not one of the problematic versions listed. In spite of indicating otherwise manual update does nothing for this. I just get update previews which I don’t want.
A 1909 cumulative update tonight landed me with a configuration page trying to force me into creating a Microsoft Account. Isn’t this against GDPR? Like what part of NO doesn’t Microsoft understand?
HollyB,
Does GDPR have anything to say about clickwrap licensing? Because companies will argue that users do consent to their privacy terms (even when agreement is coercive and they didn’t actually consent to it by choice).
Yes there’s a fair chunk of the GDPR about manufactured consent and inertia selling. Companies can argue all they like but it’s very very clear in the GDPR this is unlawful. This also applies to all those websites pummeling users with consent boxes. The number I’ve seen with a big fat “Accept” box with a bazillion data snoopers set as default only unless you click “change” and set them all to no? This is against the GDPR too if you dig into the detailed guidance. Ultimately the opinion of these business has zero power in law. Only the courts opinion counts in the final analysis.
Sorry it’s been ages since I viewed GDPR. I’m somewhat weighed down at my end so you’ll need to look it up yourself.
HollyB,
I asked because you were making the claim and I’m less familiar with it than you are. Anyways I’m neither protected nor bound by the GDPR here so I was just asking out of interest.
GDPR is a baseline for EU (and currently UK) stuff and a global influence. It’s like cars. People aren’t going to manufacture a million different versions for every single market but tack towards signification markets. Same with GDPR. It’s worth reading for ideas because it allows you to view an effective implementation and lobby in your own country for better.
HollyB,
Well, you’re not wrong to suggest it, but given where US politics are at this is extremely unlikely here. I started to write my take on US politics…but instead of going down this rabbit hole I’ll just summarize that I’m not very optimistic. 🙁
Yes I aprpeciate the mess the US is in politically with all this. I keep my eye on international affairs so have half a clue. GDPR has already nudged the US (or some states) in a better direction so some progress even if not the whole way.
I’ve seen these “finish setting up your device” modal screens after updates on our Win10 Pro machines at work, I just dismiss the screen and so far we haven’t been bugged again. A Microsoft account makes zero sense on a business machine unless one is running their entire operation via Microsoft services. At home I refuse to run Windows anymore; between my waning interest in gaming and the rest of my needs already met by Linux and BSD, I have no need for it.
I ended up dismissing the screen too. On a subseuqent reboot Microsoft tried the same trick by peddling Edge with the same lack of a “No go away you pestering horribleness” button.
The reason I stopped running Linux Mint is because Veracrypt were being twats about full disk encryption and TPM plus the whole Windows and Linux tripping over each other thing. I’m too tired to deal with this on top of setting up my software so it works without hassle so defaulted back to Windows. That said Microoft are as big a pain as Apple with their dirty tricks and walled gardens so I may revist this at some point.
Yeah – I really hate that trying to force me in a account. I want to have a local account and do NOT want to log in to a Microsoft account. The most infuriating is that you get two choices – Create the account now, or create the account later. You don’t even get the choice to say NO anymore. I hate that with a passion. Also – When you want to install a new Windows (or re-install your present Windows because of a disk crash or something), you HAVE to disconnect your computer from the internet, otherwise you are completely unable to create a local account. If you are connected, you are only able to create a Microsoft account and nothing else.
The only reason I can think of why they want to force every Windows user in a Microsoft account, is that they are preparing to make Windows a subscription OS. I think we are not that far away that you have to pay a monthly fee to keep your Windows working. I might be wrong, but everything points that way.
I’m guessing that “version 1903” was released 117 years ago, reached “end of life” after the first 100 years, and now Microsoft are getting annoyed that people haven’t updated in the last 17 years. 😉
Brendan,
I looked it up, the version microsoft is forcing users to upgrade (1903) was released may of 2019…
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-version-1903-may-2019-update/
It’s not really news, these forced updates were always part of microsoft’s plan for windows 10. Users cannot opt out of updates, even if they’re unpopular, undo user preferences, or contain anti features. Savvy users may nevertheless be able to find ways to block updates, but microsoft’s intention is for owners not to have a choice. This level of control over my computer is one of the reasons I pushed back against windows 10 as too invasive.
If you intend to not upgrade your software, you definitely should not be using Windows and never plug such machine on to the internet anyway. Such use cases do exist, yes, but not for desktop consumers.
This is a made-up problem by idiots.
sj87,
Frankly the dangers are often exaggerated for drama especially if you have a firewall and up to date browser. But regardless of that I think that misses a big part of the problem, which is that users aren’t against security updates. We are against overreaching updates that deploy antifeatures and unwanted features in general. There’s used to be a distinction between critical security updates and optional feature updates. That microsoft decided to clump these together is not a “made up problem by idiots”.
I totally agree.
Basically all Operating systems other than Open or Net BSD maybe do this. They add new non optional features as they get developed. This is why RHEL was successful, because it promised not to do that for 10 years.
I would very much like to see a good (unbiased) scientific study that determines if the risk of problems caused by updating (including downtime caused by the time taken to install the updates themselves; and unwanted “intended by Microsoft” changes, and “unintended by Microsoft” breakage) is higher or lower than the risk of problems that actually would have been avoided by updating.
I would also like to see a good scientific study that determines if there’s a relationship between update frequency and the quality of releases. If a software developer knows that users update often are they more likely to release lower quality software that needs to be updated more often (and if a software developer knows that users rarely/never update are they more likely to release higher quality software that needs to be updated less often)?
Sigh…really? Are we REALLY gonna have people here argue that not having SECURITY PATCHES is a good thing? It sounds like a fricking anti-vax convention in here. Does nobody remember what a clusterf*ck from hell it was when users could trivially turn off updates? Remember all the worms, viruses, and malware that was constantly spreading willy nilly all over the place?
You shouldn’t run ANY Operating system in 2020 connected to the net without security patches, full stop. Every.Single.OS. is being actively targeted these days full time by those who make their living off exploiting infected machines for everything from stealing bank accounts to cryptomining and if you think you aren’t affected because you run some Linux distro? Guess what you are currently an even more juicy target than many Windows users..
https://www.makeuseof.com/linux-vulnerable-to-malware/
bassbeast,
“Sigh…”, really?
Nobody is arguing that security patches are bad. I think you missed the point about updates being turned into a sneaky mechanism to push unwanted features and that is what’s bad.
I would never claim that any system is totally fool proof. With that said though the fact is that most malware does not occur through internet facing vulnerabilities. Instead it gets installed through users voluntarily by masquerading as something innocent or some other form of user error. Having updates enabled will not protect most users. What can protect them is antivirus software that is able to identify malware before it runs.
It’s an interesting list, but let’s analyze it closer…
Many of these have sophisticated stealth payloads and innovative control channels that hide their presence from the operators. Yet not a single one of them depended on an unpatched linux system, they are all targeting human error/weaknesses to get access and from that point the code runs as the user with the operating system’s blessing.
So once again I’m not saying security patches are bad, quite the opposite. But realistically the majority of successful attacks in the wild actually attack careless users rather than unpatched systems. This drama about unpatched systems needs to be put into perspective since most malware never makes it past the firewall anyways…not until the user executes it.
So let’s just tone down the better-than-thou commentary a bit 🙂
Yes.
Let’s be more direct and say that “unwanted features from Microsoft” are a form of malware. We can say that the update mechanism in Windows is capable of installing malware.
Further, because Microsoft are able to force updates on people (without giving them any choice) using a proprietary “Microsoft only” method; we can say that the update mechanism in Windows is a “back-door” security hole that can install malware.
Now we can create a parody of bassbeast’s words: “Sigh…really? Are we REALLY gonna have people here argue that having A SECURITY HOLE THAT CAN INSTALL MALWARE is a good thing?”.
That’s insane. Yeah Tricking people is also very lucrative, but there are plenty of automated scanners out there hunting for unpatched vulnerabilities. Just open up a box to the net and look in the logs.
Bill Shooter of Bul,
Yeah. I see tons of brute force attacks over standard ports like SSH, IMAP, SMTP, and even SIP to gather usernames & credentials. One such attack at home was so persistent and would not stop blasting packets my way even when blocked at the firewall. I decided to try a different approach: I temporarily redirected the traffic to a honeypot that would accept erroneous logins. The moment I did the brute force attack stopped and presumably the false credentials were recorded by the attacking software for future use.
I see HTTP scans too but the thing about these is that they’re not usually attacking OS or even HTTP daemons, they’re really scanning for vulnerable web applications like oscommerce, wordpress, magento, etc. Most web developers will see their share of disgusting code and compromised sites, even from the big brands that you would expect to be better. When you combine this with a public facing attack surface it spells disaster even under a fully updated operating system 🙁
There’s a ton we can do as administrators to minimize attack surfaces, like firewalls & closing unnecessary services, but sometimes our hands are tied with respect to not being able to shut down dangerous services because they are needed for business operation. It’s these weaknesses that leave our systems the most vulnerable. I guess if there’s a “good side” to all of this it is that as webapps continue to be attacked it encourages their respective developers to take code quality more seriously and improve their code bases.
Do not assume people who are not jumping in without thinking into a rote learned nod along mode to get in lockstep with official security patches know nothing about security. Security is a process. Security is about risk analysis. You can avoid most security problems simply by good practice and hygiene. Most people simply aren’t the target for advanced threats. Nobody is going to waste a zero day on you.
If I had anything which was covered by regulation or liabilities it would be on a machine not connected to the internet.
Calm down.
I don’t get the problem, forums complain about the security risk from users not keeping the platform up to date, then they complain about the very same being forced to update. It’s a bit hypocritical, and most of the whinging comes from micro-managers who think they know more in isolation than a cast of thousands at the source!
My only concern is that forced upgrades can break legacy applications, it’s always been my only concern. But if a forced upgrade is fixing something that is already broken, like a serious security flaw, then we should just live with it and stop complaining!
As long as they do not start doing like some vendors, and send our performance crippling patches so users salivate at the prospect of a performance boosting upgrade!
I really dislike the idea of being treated by any company like I’m their property. Once upon a time these companies did listen to technical people and consider user experiences but in the post-Snowden post-social media world all the traditional avenues for having a voice and influence have been closed down. After having escaped sanction for monopoly abuse I feel the shift in corporate strategy by Microsoft et al is business as usual with a glossier face. You see this kind of thing with government too in the UK when bringing in a new act of Parliament wipes out all the case law up to that point so the trivial benefits of the new law are peanuts to what was lost.
I have more than a sneaking suspicion that security is being used as an excuse to justify mandatory updates. Yes I know computers not being updated can present problems especially on a network whether it’s a patch or a new OS rev but even so. The feature creep, bloat, forced obsolecence of old but usable computers and applications, shifts from open to closed systems with increasing degrees of corporate gatekeeping with vested interests lurking in the background and kicking of the ladder away for new OS vendors to enter the market makes me find all this is questionable. Throw in lazy law enforcement and nod along media and the way they are behaving isn’t far removed from Saudi Arabia.
“Does anyone even know what all these version numbers even mean anymore? There’s version numbers, date-based names, build numbers – I have completely and utterly lost track of Windows’ development cycle and rollouts.”
According to a Note on the What’s New for Windows 10 20H2 (https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-20h2), “With this release and future releases, the Windows 10 release nomenclature is changing from a year and month pattern (YYMM) to a year and half-year pattern (YYH1, YYH2).” So that’s what versions mean.
At this loint I would think they would just ditch the 10 and use the YYH(1|2) Versioning. Windows 10 released in an unfinished mess, and they are slowly sorting it out. But I do wish they would allow you to pick 3d icons vs that flat garbage that has become so popular…
Indeed using a YYMM style versioning (like Ubuntu uses too) would make sense seeing their release pattern.
and I quite agree, Windows isn’t as aesthetic at it used to be.
Forced upgrades… Yet another wayit’s shown that you do NOT own your PC. I’m not against mandatory upgrades i, in the sense that it’s needed purely for security sake. I understand teh need for Skipping teh upgrade in this sense, as in there are PCs in the wild that have Windows 10 preinstalled, but with limited space (ie: Intel Compute Stick). The upgrade from 1903 above will not be possible on earlier models, so even a forced upgrade will not work, (unless leaps and hurdles are perfoemed), As since they came with 30 or 64GB storage space, and after moderate use, any further upgrade will require at least 32GB space for teh upgrade itself. which will not be accessible afterwards. I had to rid myself of the compute stick and start fresh on a new PC to be back in business for a daily driver to connect to work (Citrix Netscalar based).
You likely could have installed Linux on it, or else created a usb installer of 20h2 and then fresh installed it on the compute stick. Yes, microsoft never should have supported tiny drives given the footprint of their OS as this was a somewhat obvious resulting issue, but it can be fixed without junking hardware.
It is a pain in the ass tho, I’ll admit.
I find the not owning your own pc statements a bit hyperbolic though… I hear this often. I have Windows 10 installed alongside Linux Mint. I use Windows 10 about 75% of the time. Does that mean I am a 25% owner of my PC? Or is it a timeshare I only own sometimes?
Thanks man, There are a lot of woulda coulda shouldas. I’m old, as most OSNews readers are. I dont have the cycles for all of that. But as to the Linux Dual boot, there’s also the PITA of the Intel Compute stick’s UEFI BIOS , not allowing alternative OSs. I attempted that, saw it was too much work for a sub $100 PC and just junked it.
spiderdroid,
Nah, don’t fret the woulda coulda shouldas…you did everything all right man. We all need to learn to be more zen. There’s only so much we can do and it should be focused on things that are important. I could use a kick in this direction every now and then, haha.
> Does anyone even know what all these version numbers even mean anymore? There’s version numbers, date-based names, build numbers – I have completely and utterly lost track of Windows’ development cycle and rollouts.
I know what they mean. One day marketing was involved how to solve the issue of getting people on the latest version of Windows. They realized people will be comparing Windows 10 market share with 7, 8, etc.
All people talk about now is “Windows 10”. Nobody knows anymore that they are not on the latest version. These versions mean that marketing did the job successfully.
There’s just one version of Windows 10 worth using: LTSC. It’s an actual stable OS with no reinstallations every 6-12 months, no market crap, and other unnecessary features.
I don’t know what you are doing, but in the fleet of machines I part-time manage in-house, and the many Win 10 systems I remote support that are attached to commercial hardware, outside of hardware failures which I’ve had a few, I’ve not had to reinstall, reset or refresh a single workstation since Win 10 Pro was launched due to an OS issue, In fact it was so reliable relative to Win 7, 8 or 8.1 I accelerated the migration of all possible systems across to Win 10 Pro and the time assisting / fixing user workstations or laptops plummeted.
I admit, I was very dubious about the forced updates situation, but I’ve been pleasantly surprised at how effective it is at reducing problems. What major problems I’ve had deal with have been PEBCAK.
Long term my biggest problem will be I have a lot of legacy workstations I can’t get onto Win 10 due to legacy hardware. But if I could I would in a heartbeat!
cpcf,
I believe you and It could well be that the vast majority of windows updates work fine. I don’t do windows tech support anymore and the truth is I don’t get involved when things are going smoothly. For something to escalate to me generally means there’s a severe problem or emergency that normal support staff can’t address. but some windows 10 updates have been problematic. The most alarming updates I’ve encountered were when microsoft was deleting user profile data, which you may remember too. The issue was raised to our technical support staff on a preview version and we escalated the bug to microsoft enterprise support before the general public was affected. And what do you know microsoft still released the faulty updates to the public, haha. For this reason they absolutely deserve a failing grade in this particular instance as it was preventable and they chose to release an update they knew internally was responsible for data loss.
https://bgr.com/2018/10/10/windows-10-october-2018-update-data-deletion-bug-fixed/
There were still some echos of this even this year, although less severe.
https://bgr.com/2020/02/19/windows-10-update-kb4532693-deletes-user-data-stored-on-desktop/
I don’t wish to exaggerate the scope of issues, but occassionally windows 10 updates are faulty and IMHO it does make sense for enterprise users to defer non-critical updates at least until the possible issues have been ironed out by the masses.
I normally set quality updates to 0 days and feature updates to 365 days. I know you get the occasional security thing which needs immediate updating but I’m wondering if i should set this to 1-2 weeks just to avoid any stupidity. Opinions anyone??
I say, try to acquire the LTS Windows 10 branch
@spiderdroid
I’m not spending more money and don’t like hacky workarounds. I’m fine knowing what the “stupid threshold” is on updates.
Alfman
Noted, I’m aware of those issues on some workstations but for me they weren’t global, but as I’ve mentioned here before I do stage channels across sets of machines. Doing some System Restores on isolated machines has probably been the worst case for me.
Actually of all recent upgrades the MS Edge rollout caused me the most problems, but again these are not universal and are overcome without re-installs or resets. Despite those problems, the newer version is a great improvement.
For this reason I’ve never really looked at the LTSC, however I fully understand why some would and maybe I should too for certain sets of machines!
Yes, this is the logical sensical answer. If an enterprise has mission critical internal applications, sure validate those too. Sometimes they just have that one application that someone wrote in Visual c++ years ago that violates all good design principles or coding standards, but it works with random critical systems and or obscure hardware.
Bill Shooter of Bull
There are so many mission critical industrial or scientific computing and control solutions that fit this critical system category that the general public would be shocked.
At this point I don’t understand what these updates are for. I understand patches and fixes but vague updates seem nonsensical and resentment inducing.
Comments like this make me curious.
All I did was Google “What’s new in windows 20h2”
Including a Microsoft site focused on new features for “IT Pros”, there are slightly less than a billion sites outlining the new features (or in the case of control panel, a removed feature). I could be remembering incorrectly, but doesn’t some message pop-up outlining new features when the new major build installs too? Or maybe some feature outlines while upgrading?
I might be nuts and thinking of a linux or rpi distro or something….
Windows 10 is a rolling release (if you are not on LTSC, and let’s face it, most people are not on LTSC), so don’t try to make sense of the versioning scheme or the update paths. It’s the reason why a fifth (20%) of Windows users are still on Windows 7 or 8.1, despite the fact Microsoft have gone out of their way to kill 7 and 8.1 and are giving Windows 10 for free.
kurkosdr,
Just a minor nitpick, but they officially stopped the free upgrade program a few years back. While you may have technical workarounds and I don’t know if MS will look the other way… you’re supposed to buy it now. I checked the prices and windows 10 home OEM goes for about $110 and retail around $140 for the downloadable versions.
I have a spare Windows 10 licence key I bought off a German reseller for about £12. Yes I know nod alongs like to squeal this is woo woo pirating and a questionable legal area blah blah but to the best of my knowledge due to EU court rulings this is 100% legal in the EU. I don’t use this licence key. I just have it in case I ever get a new computer which needs it.
There’s a comprehensive legal commentary here:
https://ipkitten.blogspot.com/2016/11/eu-law-forbids-resale-of-non-original.html
In fact, to create the same presentation design now is no longer enough just to have updated Powerpoint, you need something more global. I, for example, need to create great presentations for tenders all the time for business. It’s extremely difficult, which is why it’s good that I found a professional team that can do it. By the way, you can also turn to and just find here presentation design service . I am very grateful to them that they have already helped out more than once, including with the redesign of presentations, I am very grateful to them and hope that it will be really useful now. Good luck and success, I hope I was able to help someone.
@moderator
User “GavenRank” seems to be a spammer judging by their last three posts each containing links to commercial service providers.