> Microsoft appear to class this as a "Security Update",
>> as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11. This appears to be an error on Microsoft's side
This once again highlights how bad the ecosystem with 3rd party tools used for basic system maintenance in the MS environment is. And how much companies and admins rely/depend on those.
I don't really understand why there are so many commercial third party tools being used to do basic things. But they cost a good amount of money and cause a lot of problems.
It was more he had a grudge of his because I would always push back his ideas. This made it a hostile environment as I always had to ensure I cover my arse in all area's. This was his "gotcha!" moment.
He wanted to put me on-call with no pay increase, wanted eight Cassandra servers for no reason. All this other crap because he had herd buzz words.
They were trying to brown nose the position of the CTO as at the time the company had none.
Looks like this is an issue with a a third party update client being confused by a potential misclassification in Microsoft's side about the update (security update vs upgrade).
What I'm most surprised by myself is that there doesn't seem to be an option to revert this according to the comments. I'm pretty sure consumer Windows allows downgrades for upgrades installed in this manner, I can't imagine the pain it'd be to need to manually undo all the damage after an unintended upgrade using automated tooling!
Probably the third-party solution offers functionality not available from Microsoft, for example integrating with other management software they may have, enabling automated blue-green scheme for applying updates, so they can accurately measure the impact of updates for example.
I agree that this looks like a 3rd party issue. They claimed that KB5044284 was the update, but others have noted that after installing that update, they had the option to upgrade to 2025 but it didn't happen automatically - seems the 3rd party RMM somehow pushed a command to start the upgrade.
Honestly, I guess since it's an SMB it might make sense that they aren't able to test all patches before applying them in production, but you'd hope they'd delay the installation for a few days to let others catch major issues.
A similar thing happened to me last month. My Ubuntu server suddenly started showing a countdown, warning that my firewall was blocking Canonical's ‘essential data’ pings and threatened to revoke my apt privileges. I gave it a pass-through, but the next day, it upgraded itself to Ubuntu Galactic Cosmic and replaced all my bash scripts with PowerShell. Still getting used to the mandatory Snap packages for 'ls' and 'cat' now…
I have the most stable and secure version of Windows in my personal laptop, perfectly safe sleeping in its partition until I boot it every few months to install updates.
In this case, based on comments there, new server is not licensed anymore and not activated after the upgrade. Making this problem much worse, as options are either purchasing new licenses or reinstalling everything.
Edit: it's not clear to me how much responsibility lies with 3rd party update management tool and how much with Microsoft. This update doesn't seem to automatically run by itself, but it might be misclassified so that these tools think it's a security update and just deploy like any other patch.
> Microsoft appear to class this as a "Security Update",
>> as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11. This appears to be an error on Microsoft's side
Shall Microsoft now provide the missing license ?
This once again highlights how bad the ecosystem with 3rd party tools used for basic system maintenance in the MS environment is. And how much companies and admins rely/depend on those.
I don't really understand why there are so many commercial third party tools being used to do basic things. But they cost a good amount of money and cause a lot of problems.
In this case at least it was Microsofts fault
Yes. For automation software it's fully updated (not: upgraded) target system definition.
No, it wasn't. This failure happened at the side of the user - their central policy configuration or so. Microsoft pushed the update correctly.
Did we read the same article? Microsoft labeled an update as "security updates" when it was in fact an upgrade to Windows Server 2025
Did they say they wouldn't?
In the absence of Heimdall 2022 Server doesn't install it along with other security updates.
Wouldn't what?
Also given other peoples experiences in this comment section, that doesn't seem to be true.
I can't find anyone without Heimdall who would claim it happened to them. For all we know this is 100% Heimdall bug.
It sounds like the 3rd party tool did what MS told it to do.
Nope, my servers are just fine.
This would happen if you just let Windows Update do its thing. As is fine on client machines usually for security.
On Azure it is the default even https://imgur.com/a/RvEx3yn
Nobody ever got fired for running a Linux server...
not the phrase I'd use to make that argument
I accidentally deleted /etc/ thanks to a syntax error in my script and got fired.
I hated the boss of DevOps team and they hated me. Greatest thing to ever happen to me.
Firing someone for a mistake they will have learnt never to make again is not just pointless but also counterproductive.
It was more he had a grudge of his because I would always push back his ideas. This made it a hostile environment as I always had to ensure I cover my arse in all area's. This was his "gotcha!" moment.
He wanted to put me on-call with no pay increase, wanted eight Cassandra servers for no reason. All this other crap because he had herd buzz words.
They were trying to brown nose the position of the CTO as at the time the company had none.
Shiite company that collapsed six months later.
Root comment still stands up, unless you were the one running the Linux server.
I was. My install, my setup. Linux Engineer was my job. We are talking about 15-20 developers all using pirated Windows 10 for workstations.
I've always wondered what etc refers to.
Nothing, it's literally "et cetera"
https://serverfault.com/questions/471161/history-of-the-etc-...
I wouldn't be surprised if it "upgraded" all your data into azure and disabled local admin...
Looks like this is an issue with a a third party update client being confused by a potential misclassification in Microsoft's side about the update (security update vs upgrade).
What I'm most surprised by myself is that there doesn't seem to be an option to revert this according to the comments. I'm pretty sure consumer Windows allows downgrades for upgrades installed in this manner, I can't imagine the pain it'd be to need to manually undo all the damage after an unintended upgrade using automated tooling!
What do third party update clients do? Why are they used? Why are they even able to upgrade the OS version?
Not a Windows version and unfamiliar with how it works.
Probably the third-party solution offers functionality not available from Microsoft, for example integrating with other management software they may have, enabling automated blue-green scheme for applying updates, so they can accurately measure the impact of updates for example.
I agree that this looks like a 3rd party issue. They claimed that KB5044284 was the update, but others have noted that after installing that update, they had the option to upgrade to 2025 but it didn't happen automatically - seems the 3rd party RMM somehow pushed a command to start the upgrade.
Honestly, I guess since it's an SMB it might make sense that they aren't able to test all patches before applying them in production, but you'd hope they'd delay the installation for a few days to let others catch major issues.
thank god i moved my entire company to debian last year it's enough to deal with w11 on its own
<sarcasm>
A similar thing happened to me last month. My Ubuntu server suddenly started showing a countdown, warning that my firewall was blocking Canonical's ‘essential data’ pings and threatened to revoke my apt privileges. I gave it a pass-through, but the next day, it upgraded itself to Ubuntu Galactic Cosmic and replaced all my bash scripts with PowerShell. Still getting used to the mandatory Snap packages for 'ls' and 'cat' now…
</sarcasm>
Have you tried switching it off and leaving it off?
Off button is an Enterprise option now.
Subscription
An offer to update to Server 2025 is showing up in Windows Update for a Server 2019 system to which I have access but it is not auto-installing.
> but it is not auto-installing.
for now. /s
well thats terrifying.
It would be a good horror story for halloween, but that was last week…
This seems to be used by Microsoft like the Windows 7 and 8.1 to Windows 10 upgrades.
It gives me chills thinking of production servers being magically upgraded to a new and untested version of Windows.
It gives me chills thinking of production servers running windows.
but it's the most stable and secure version of Windows yet
I have the most stable and secure version of Windows in my personal laptop, perfectly safe sleeping in its partition until I boot it every few months to install updates.
Sure, for home versions but updating a server version without explicit direction to do so is really bad for business.
In this case, based on comments there, new server is not licensed anymore and not activated after the upgrade. Making this problem much worse, as options are either purchasing new licenses or reinstalling everything.
Edit: it's not clear to me how much responsibility lies with 3rd party update management tool and how much with Microsoft. This update doesn't seem to automatically run by itself, but it might be misclassified so that these tools think it's a security update and just deploy like any other patch.
For your business. Not for Microsoft's
Yet another thing that does not exist in a sane OS. Oh, if only Bill Gates hadn't done his dirty deeds.