Microsoft admits it sent Office nag to all WSUS servers
Admins, furious, say their Office installs have been falsely fingered as fake
Computerworld - Systems administrators have ripped Microsoft Corp. for pushing a trial antipiracy program meant for limited distribution to all enterprise update servers, a mistake that has triggered false warnings of Office counterfeits.
Earlier this month, Microsoft announced it would kick off a pilot program for software to display nagging notices on copies of Office that it deems fake. The program, part of the Office Genuine Advantage (OGA) initiative, which already requires users to validate their software as legitimate, was to run in only four countries: Chile, Italy, Spain and Turkey. The notices would appear on machines running phony copies of Office XP (called Office 2002 by some), Office 2003 and Office 2007.
Last Tuesday, however, Microsoft published the test update to all Windows Server Update Services (WSUS) servers and did not limit its delivery to end users in Chile, Italy, Span and Turkey. WSUS is the primary update mechanism used by businesses to patch their Microsoft software. Later, Microsoft said the mistake had seeded the OGA update to WSUS servers for about 24 hours.
By early Wednesday, administrators in the U.S., the U.K., New Zealand and elsewhere were posting messages on Microsoft support newsgroups, asking why their WSUS systems had received the Office nag. In some cases, administrators reported that the update had fingered large numbers of desktop PCs as running counterfeit copies of Office.
"Update KB949810 arrived via WSUS yesterday, and now all my XP workstations running Word 2002 are telling me it needs activating," said a user identified as "morriswoodyman," who said he is in the U.K. "The only problem is that the software is genuine and was activated three years ago," the user added in a message to a Microsoft support newsgroup.
The support document that morriswoodyman referred to -- KB949810 -- is the one associated with the OGA notification update and was how WSUS labeled the update in its listings.
Another user named James, said that he is with the U.S. Army and that the systems he manages had also been falsely accused. "I have [hundreds] of systems now giving me errors," he said on the same support thread. "These are U.S. government computers with legitimate licenses! MS needs to fix this FAST!"
Some users were blunt in their criticism. "I'm legal. My software is legal," said Susan Bradley on the same newsgroup. "There is nothing more frustrating as a Microsoft shareholder to constantly see Microsoft shoot themselves in the foot by treating legal customers in this manner."
Although Microsoft representatives acknowledged that there had been a glitch as early as Wednesday, it wasn't until Friday that Microsoft issued an official explanation in a post to its WSUS team blog.
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!