Well, OK, Windows Update didn’t exactly “kill the Internet,” but, beginning on Tuesday, July 28, 2008, it did kill access to the Internet for millions of Windows users worldwide. This isn’t the first time that Windows Update has done this sort of thing. Here’s the story.
Last Tuesday was the second Tuesday of the month, known in the computer industry as “Patch Tuesday.” That’s the day that Microsoft releases “patches” designed to correct newly discovered security problems and flaws. Patch Tuesday is usually a good day. Windows users, most of whom use the Automatic Updates function, receive vital updates to their computers, which are silently and unobtrusively installed without requiring any user interaction. The users go on their merry way, usually without even knowing that their computers have been improved. All is well, most of the time.
I don’t use the Automatic Updates function. I prefer to remind myself from time to time that I need to run Windows Update manually. That way, I can scrutinize each individual update and decide if I want it or not. That’s exactly what I did last Tuesday, but only on one of my computers. I figured that I’d update the other computers at a later time. I examined the individual updates that were available, decided that nothing looked amiss, and installed them all. I turned the computer off and forgot all about it.
The next day, Wednesday, I started getting lots of calls from perplexed customers. They were all reporting the same problem: no Internet access. No websites. Nothing. I was not in town at the time, so I made arrangements to visit with them later in the day. I was beginning, though, to see a pattern emerge. All of the customers thought that their problem was somehow related to “some update” that had been installed.
Finally, I led one customer through some nerdy, over-the-phone testing, such as going to what’s called a Command Prompt and running a utility called ipconfig. The results showed that he had an Internet Protocol (IP) address, so that didn’t seem to be the problem. I then had him “ping” a website, by typing “ping www.google.com” and hitting the enter/return key. The results were strange. Ping was working. His computer sent four tiny bundles of data, known as packets, to Google, and Google sent back four replies. This told me that his computer was on the Internet, but, since both the Firefox and Internet Explorer web browsers could not reach websites in the normal fashion, I concluded that his DNS configuration had somehow gotten messed up.
DNS, short for Domain Name System, is a way of converting domain names, such as Yahoo.com, into a string of numbers that can actually get you to your destination. You see, website addresses are not actually words or names, such as “nameofwebsite.com,” but are actually a series of numbers. The numbers represent the actual IP address. But, since there are zillions of websites, and most folks can’t remember zillions of complex number combinations, a smart guy named Paul Mockapetris invented DNS. Google’s website address is not really Google.com; it’s actually 216.239.51.99. Type those numbers into your browser’s address box, hit enter, and it will take you straight to Google. However, DNS makes things much easier.
When I got home that evening, having thought about these problems all day, I decided to test out the computer that I had updated on Patch Tuesday. Sure enough, I had no normal Internet access, while my un-patched computers worked just fine. The problem had to be with a Windows update. After some research, I learned that one of the updates had to do with DNS. I decided that had to be the culprit. The update, KB951748, had screwed up my ZoneAlarm firewall program.
ZoneAlarm, from Check Point software, is the world’s most popular free firewall program, far superior to the Windows XP firewall. I’ve used it for many years. Another thing that my complaining customers had in common was that they were all using the ZoneAlarm firewall. Microsoft, in its typical big-bully-on-the-block fashion, had released a patch that killed the world’s most popular (and competing) free firewall, without consulting with Check Point or giving caveats to any end users.
That evening, I fixed my customer’s computers by removing the offending update, and told them that we would have to wait for an update to the ZoneAlarm program. I doubted that Microsoft would do anything to alleviate the problem. Then, I started monitoring the situation. ZoneAlarm put up an alert page, listing three temporary solutions. I tested all three on my own computers; one of them didn’t work. By the time I checked the alert page again, it had changed, removing the “solution” that didn’t work. Interesting. The Microsoft page for the offending update was no help at all. The day waxed late; I went to bed.
The next morning (Thursday) I checked the websites again. ZoneAlarm had rushed out a new version of their firewall that fixed the problem, and lo and behold, Microsoft had added new information and a link on their page to the ZoneAlarm fix. Amazing! But, at what cost? If you didn’t have Internet access, you couldn’t find the solution. People paid me to fix their computers. I’m sure that this same scenario played out all around the world. Check Point probably lost millions of dollars in the process, changing their software and dealing with irate customers. Who will be held accountable?
Nobody will be held accountable. Microsoft doesn’t care. They don’t have to care; they’re Microsoft. It’s a Microsoft world. Deal with it.