News: 1735320607

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Microsoft adds another problem to the Windows 11 24H2 naughty list

(2024/12/27)


The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using removable media? There's a chance it might stop receiving security updates.

According to Microsoft's [1]marketing for its flagship operating system: "Your Windows 11 PC brings layers and layers of security measures to help keep your digital life in safe hands - yours."

Unfortunately, for some users, what it does not bring are security updates. While Microsoft's marketing and compatibility requirements for Windows 11 might imply that the security situation is all tickety-boo, the reality for the operating system and much of the rest of the software world is that a relentless stream of updates is required to keep out the miscreants.

[2]

The [3]issue occurs when media – such as CD and USB flash drives – are used to install Windows 11 24H2. If the media contains the October or November 2024 security updates, the system could be left in a state where it cannot accept further updates.

[4]

[5]

Microsoft's advice? "To prevent issues, do not install Windows 11, version 24H2, which installs the October 2024 or November 2024 security updates.

"Instead, ensure that media used to install Windows 11, version 24H2, includes the December 2024 monthly security update (released December 10, 2024), or later."

[6]

The problem doesn't occur for devices where the security updates have come down via Windows Update or the Microsoft Update Catalog website.

To be fair, most users are unlikely to be affected by the issue. However, customers with carefully crafted installation media that meet the requirements for potential borkage will need to be aware of the problem, for which there is currently no remedy. Microsoft said, "We are working on a resolution and will provide more information when it is available."

[7]Microsoft coughs up yet more Windows 11 24H2 headaches

[8]Windows 11 24H2 rolls out to more devices – with a growing list of known issues

[9]Good news! You'll soon be able to send faxes again with Windows 11 24H2

[10]Windows 11 24H2 strikes again – Outlook might not start with Google Workspace Sync running

The problem is the latest in a lengthening list of known issues with Microsoft's Windows 11 operating system update. Several were added in December alone, of varying levels of severity, with the installation media problem arriving right on cue for the holidays.

We asked Microsoft's generative AI assistant why Windows 11 24H2 appears to be so buggy. It responded that new issues seem to keep popping up and acknowledged that the experience was "definitely frustrating for users" keen to try out the latest features of the operating system.

Perhaps the brains behind Windows 11 24H2 could use Copilot's suggestions for writing bug-free code – spoiler: do some testing – to ensure things are a bit more stable next time. ®

Get our [11]Tech Resources



[1] https://www.microsoft.com/en-gb/windows/windows-11

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z28xk9JudNbAEDmQc2xgGgAAAAs&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-24h2#3469msgdesc

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z28xk9JudNbAEDmQc2xgGgAAAAs&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z28xk9JudNbAEDmQc2xgGgAAAAs&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z28xk9JudNbAEDmQc2xgGgAAAAs&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[7] https://www.theregister.com/2024/12/19/windows_11_24h2_issues/

[8] https://www.theregister.com/2024/12/05/microsoft_windows_roll_out/

[9] https://www.theregister.com/2024/12/11/microsoft_windows_11_escl_fix/

[10] https://www.theregister.com/2024/12/09/outlook_windows_11_issue/

[11] https://whitepapers.theregister.com/



Doctor Syntax

"here's a chance it might stop receiving security updates."

Perhaps this is a feature that stops it receiving future borkage via updates.

"layers and layers of security measures"...

Mentat74

You mean : "layers and layers of lipstick on a pig ?"

Re: "layers and layers of security measures"...

David 132

And not the oinky end of the animal, either.

Doctor Syntax

"keep your digital life in safe hands - yours."

Sounds reasonable. If you want a job done right, do it yourself.

dippy1

"do some testing – to ensure things are a bit more stable next time"

No that's not Microsoft's role.......that for the user to do that.

abend0c4

Ci/CD is hard enough to do when you have a limited number of configurations which you can test comprehensively in a similar timescale to your build process.

It's pretty much impossible when there's an almost infinite number of possible configurations, many of which cannot easily be replicated automatically.

The irony is that few people actually seem to want the new features that this accelerated deployment process is intended to foist upon them.

TVU

Ongoing and new multiple bugs is what happens when the great majority of Microsoft quality assurance testers get sacked and we are living with that legacy now (they were fired a decade or so if IIRC).

MS Testing

Steve Davies 3

WILL ONLY be performed by AI in the future. No human will be involved in the process.

Well, I'm sure that will soon be something that MS will be shouting from the Redmond rooftops. The problem is how good will it be? If past results are anything to go by... PURE CRAP.

new developer

Chris Gray 1

Hey, its not doing too bad for software that is written by their in-house AI!

W11 - The gift that keeps on

Steve Davies 3

fecking the users around.

Come on MS... Get your shit together and stop screwing the users around like this.

To you users... It you are not thinking of an alternate platform then make that your new year's resolution.

Gerry 3

It's FAR more than a bit buggy.

I bought an expensive Lenovo laptop at the end of October. Spent a few hours updating Windows 11, lots of downloads and reboots. It forced me to create an unwanted Microsoft account but I didn't make a note of the account name and password: I never intended to use it, expecting that it would only contain spam, spam and more spam.

I switched on Device Encryption because it promised 'protection from offline unauthorised activity', which seemed a good idea at the time. I downloaded a few browsers and Libre Office, and all seemed well.

There were some optional updates from Lenovo, so I thought I might as well have those, why not?

It suddenly rebooted showing the Blue Screen Of Death. Normally, this is a recoverable incident, but it turned out that my brand new laptop had been irretrievably bricked by BitLocker. I'd never even heard of BitLocker, which was demanding a 48-bit Recovery Key which I didn't have. It wouldn't allow Safe Mode, reinstallation of Windows or any other workaround. It said the key could be found in my Microsoft account, but despite using my phone to try every permutation of what I could hazily remember of my Microsoft account, I couldn't open it. There's absolutely nothing that Microsoft or anyone could do, my entire PC and all its data, photos etc had all been subject to BitLocker's military grade encryption which can't be bypassed without that 48-bit Recovery Key.

Neither Microsoft nor Lenovo bother to warn you that your Microsoft account details (which might have been set up several years ago and not regarded as especially important) MUST be treated like a Bitcoin or Swiss bank account number, otherwise your PC could be irretrievably bricked AND all your data and photos will be lost forever if they weren't securely backed up.

So unless you have the WW3 nuclear codes on your laptop and you're worried you may leave it on a train going to Waterloo, think twice about turning on Device Encryption. Even then you're still not safe if you haven't can't remember your Microsoft account details or the Recovery Key: the Windows 11 24H2 update will turn on encryption by default if you access Windows 11 using a Microsoft account (but it won't if you use a non-Microsoft email account instead).

Fortunately, I'd bought my laptop online, so I was able to return it to Argos within 24 hours of having collected it. To their great credit, Argos took only a few minutes to get the manager's approval for a full refund, courteously and with no quibble at all.

Microsoft and Lenovo must be laughing all the way to the bank.

Have an upvote

Steve Davies 3

for getting a refund from Argos.

I tried that with a lawnmower that was made for them. No other retailer sold it. It went phut and would they honour the guarantee? Like Hell they did. They even said that my printed out receipt was a fake.

As the thing was useless, I left it in the middle of the store with a note on it saying that Argos was crap.

Well done. W11 is a POS and well avoided.

Jou (Mxyzptlk)

The problem is rather that the user is not informed about the consequences. And that, depending on BIOS/TPM settings, Bitlocker encryption is automatically enabled without asking. Lenovo, HP, Dell and other "Office-Type-PC-Brands" have that setting in their BIOS for probably about over ten years now.

If you'd known beforehand what it all entails you would have acted. But you were, IMHO deliberately, left blind.

Edit: Oh, and you can see, if you don't not connect it to an MS account, Bitlocker in an [1]"waiting for activation" state. Don't activate it. Use manage-bde c: -off to get into a clean state (see my answer behind that link). I had quite a number of machines in that state. And then you can activate Bitlocker with the setting YOU choose, or your GPO sets, instead of that Schrödingers-Cat state with the settings neither you or any Admin wants.

[1] https://superuser.com/questions/1299600/is-a-volume-with-bitlocker-waiting-for-activation-encrypted-or-not

Headley_Grange

In the old days when I was less circumspect about creating accounts and almost everything I did seemed to want one I created an email account for ones that I didn't care about or expect to use again and gave them all the same easily remembered password. It helped me a couple of times, although I never got into the situation you did, thank goodness.

When I last encrypted an Apple Mac disc (years ago now) they did everything bar send someone round to the house to warn me that if I lost the key then all my data were gone.

Anonymous Coward

You know. I hate to be that person but when your device tells you to write something down or put it somewhere safe then that's exactly you do. What did you think would happen? It's like installing Linux and just bashing the keyboard when it tells you to set your password like thinking to yourself "I don't need this, I'll be ok". Personally I don't use bitlocker for this exact reason and I have no use for it but if my computer did on the off chance get locked out from bitlocker and I only had it a couple of days I would just re-install. I don't understand why you didn't just do that. In fact every laptop I have ever owned gets flattened before I go anywhere near it to remove all the crap they put on them.

Why are Microsoft and Lenovo laughing? You got a full refund and some clown has to set it up again so it can be sold for less as used. What have they actually gained here? Am I missing something here? I can't stand Microsoft generally but it's a necessary evil for some things.

"Microsoft's advice? "To prevent issues, do not install Windows 11"

The commentard formerly known as Mister_C

The rest of the article is unnecessary.

I've said it before and I full expect to say it again. TRADING STANDARDS NEEDS TO GROW A PAIR AND TELL MICROS~1 TO PROVIDE SOFTWARE THAT IS FIT FOR PURPOSE OR JUST CEASE AND DESIST. I don't care if they whinge "software is hard". FMCG is hard if you want to make it safe and resilient. Cars is hard if you want to make it safe and resilient. Even food is hard if you want to make it safe and resilient. Everything is hard if you want to make it safe and resilient. Why do software companies think they count as special?

Reminds me of the defective Server 2022 ISO

Jou (Mxyzptlk)

In Q2 Microsoft offered, for a short while, a corrupted ISO of Server 2022. Updates not possible. Solution from Microsoft: Repair-In-Place-upgrade with an older or newer ISO.

Works fine for some Servers, for Domain Controllers it is an extra hassle. And for some it is not possible in first place since it nukes the installed software. The latter got a "Server 2022 to Server 2022" migration. Even though they were just migrated from an older OS to Server 2022. Tons of money which Microsoft has not to pay for, simply 'cause of their too bad QA.

The priorities of Microsoft at the top of that company are worse than ever, making me wishing Ballmer and Gates back.

Smug

LenG

When I read this sort of thing I get a warm feeling of satisfaction with my Win 10 system which will never be upgraded to 11. It soldiers on with occasional strange hiccups but nothing fatal. As for the M$ account, I don't have one. I did for a bit but it never seemed to serve a useful purpose so I nuked it.

Unfortunately, there have been a few odd glitches recently which are pushing me on towards the final full transfer to Linux.

Re: Smug

Jou (Mxyzptlk)

Wait for Windows 12. It will be the best Windows ever. Until then I suspect most normal Windows 10 installations will get the important security updates since MS cannot reliably tell which ones have the right license (i.e. paid) for extra updates. Was that way for various other Windows versions as well.

"Sometimes insanity is the only alternative"
-- button at a Science Fiction convention.