Please, Microsoft; place a "hold" on KB5063878 August Cumulative Update for Windows 11, until it can be trusted not to destroy storage devices, installations and data.
We're encouraged to trust vendors to know best, including blocking updates known to cause trouble and/or suffer from compatibility issues. Microsoft knows that KB5063878 corrupts storage (although this is not documented here), including destroying storage hardware, yet even after testing indicated the issue affects more than just a few particular SSDs, but also hard drives as well, it still pushed this update yesterday (28 August 2025) to a brand new laptop.
Yes, the issue may "only affect a few systems" and only when doing bulk file transfers of 50G+, but that's exactly what a new system will do straight after mandatory updates; bulk transfer data onto the new system from the one it is to replace. This scenario is even more likely at a time Microsoft is telling us to replace perfectly capable Windows 10 systems so we can "be supported" on Windows 11 - even as that "support" involves pushing known-lethal updates "to keep us more secure".
As it is, KB5063878 is a nasty face-hugger beast, including as it does a Servicing Stack Update as well as changes to code outside Windows itself; since the previous month's Cumulative changed WinRE, thus the automatic recovery system for failed boot, and likely WinPE, perhaps pre-BCD and UEFI, who knows? Now that "BIOS" is "extensible", toxic OS drivers can permeate that space via UEFI drivers, as already afflicting the BCD Boot Menu.
So, it's not as simple as uninstalling the update, and/or blocking it by hiding it from future Windows Update activity. Uninstalling the update may fail with errors, requiring a more elaborate approach via DISM, possibly disabling WinRE and Sandbox first, etc. Advice then suggests Pausing updates in the hope that Microsoft fixes what is quite a deep change to the code base, in the hope that this happens before the maximum allowed Pause time expires, that rushed fixes don't create new issues, and that exploits don't start hitting whatever KB5063878 may have fixed while we wait.
If we cannot trust Microsoft to place a "hold" on updates that can destroy data, installations and hardware - surely the biggest impact possible - then we need a way to block particular updates before they get rammed into the system. We should not have to first accept the update before uninstalling and blocking it, nor should we have to Pause updates altogether, just to avoid a crisis du jour.
No comments:
Post a Comment