Microsoft’s Patch Fiasco: Breaking One Thing to “Fix” Another

Oh, look, Microsoft’s done it again — the patching circus rolls on, and this time the clowns have spilled coffee all over the server room. In their latest stroke of “genius,” they dropped a fix for a WSUS vulnerability (that’s Windows Server Update Services, for those lucky bastards who haven’t had to touch it since 2008). Sadly, this holy patch miracle also managed to disable Windows Server hotpatching. You know, the nifty crap that lets you apply security fixes without rebooting? Yeah, that’s now fucked.

So here’s how it goes: someone at Redmond spotted a security hole where on-prem WSUS servers could be abused to distribute rogue updates—a lovely attack vector that lets the bad guys play sysadmin for a day. Microsoft patched it in their infinite wisdom… and promptly killed the entire hotpatching feature used by Windows Server Azure