Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

Microsoft: Windows 10 ‘Known Issue Rollback’ Auto-Fixes Update Bugs

Microsoft: Windows 10 ‘Known Issue Rollback’ Auto-Fixes Update Bugs

Microsoft has shared details on Known Issue Rollback (KIR), a Windows 10 capability used to revert buggy non-security fixes delivered through Windows Update.

KIR is not used to revert problematic security updates because it would lead to older code being reintroduced, usually more vulnerable and, potentially, containing more exploitable security bugs.

As a Windows 10 servicing improvement, Known Issue Rollback allows Microsoft to revert single and targeted bug fixes once critical regressions are detected.

In-use since late 2019

Microsoft has been using Known Issue Rollback to rollback computers affected by problematic bug fixes to a working state since late 2019.

A fully working version of KIR was introduced in Windows 10 2004 when all the components began working together as a functionally complete system.

Now, almost one year later, all fixes shipped via Windows Update to devices running Windows 10 2004 and later are using Known Issue Rollback containment.

“When Microsoft decides to rollback a bug fix in an update because of a known issue, we make a configuration change in the cloud,” the company explained in a blog post published Tuesday.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

“Devices connected to Windows Update or Windows Update for Business are notified of this change and it takes effect with the next reboot.

“While these devices would still require a reboot, in most cases we have identified and published a rollback before most end-user devices would have had the chance to even install the update containing the issue. In other words, most end users will never see the regression!”

Image: Microsoft

Buggy fixes stopped from landing on hundreds of millions of devices

Since it was introduced, Known Issue Rollback allowed Microsoft to deploy bug fix mitigation to hundreds of millions of Windows devices within 24 hours of regressions being identified.

“When Microsoft decides to rollback a bug fix in an update because of a known issue, we make a configuration change in the cloud,” Microsoft explained.

“Devices connected to Windows Update or Windows Update for Business are notified of this change and it takes effect with the next reboot.”

As a direct result of this, an “overwhelming majority of Windows users” will never have the buggy Windows Update affect their devices, given that the problematic fix would be disabled on their computers.

As an example of how KIR works, Microsoft stated that a bug was discovered in April 2020 KB4550945 Preview update that prevented gamers from accessing in-game content purchased through the Microsoft Store.

After identifying the problem, Microsoft used Known Issue Rollback to push out a fix via Windows Update to quickly resolve the bug on 236 million affected Windows 10 devices.

Also available for older Windows 10 versions

According to Microsoft, Known Issue Rollback is also available in Windows 10 prior to version 2004.

“[F]or example versions 1909 and 1809, have partial support for Known Issue Rollback built into the OS and we leverage that support whenever possible when shipping updates for those versions,” Redmond added.

Known Issue Rollback configurations are not cumulative as they address specific issues (i.e., regressions).

They also come with a limited lifespan since Microsoft is usually developing and delivering resolutions for problematic bug fixes within a few months.

Also Read: Limiting Location Data Exposure: 8 Best Practices

More information on the Known Issue Rollback Windows 10 capability, including details on enterprise, end-user, and Microsoft managed rollback scenarios are available here.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us