I dunno man. I’m convinced that pretty much any mention of VPN these days is just an ad for vpns. That’s with this article looks like.
Microsoft's latest Windows update breaks VPNs, and there's no fix
Submitted 2 weeks ago by GFGJewbacca@lemm.ee to technology@lemmy.world
Comments
Imgonnatrythis@sh.itjust.works 2 weeks ago
zaemz@lemmy.world 2 weeks ago
Yeah, you’re not wrong that the article kinda sets itself up for the “lookit our recommended VPNs” pitch.
There’s no way Microsoft would purposefully disable VPNs from working. I can guarantee that they require VPNs for thousands of roles in the company, let alone breaking it for government agencies that require VPNs, etc.
It is good to know that a specific update can break something ahead of time, though. Then at least you can avoid it.
Kiernian@lemmy.world 2 weeks ago
There’s no way Microsoft would purposefully disable VPNs from working
No, but they’ve done it accidentally before.
One time a few years ago it broke all LT2P VPN’s unless you removed a specific KB########.
IIRC, six months later there was still no fix.
I think it’s been fixed now, though.
db2@lemmy.world 2 weeks ago
And now a word from our sponsor, Nor-
cyborganism@lemmy.ca 2 weeks ago
Skip 10 seconds. Skip 10 seconds. Skip 10 seconds.
Kethal@lemmy.world 2 weeks ago
My workplace requires VPN for Web sites that are authenticated, require 2FA and are encrypted. It’s infuriatingly stupid. I feel like someone higher up got sold a useless contract by a god VPN salesperson.
Badeendje@lemmy.world 2 weeks ago
Most likely all connections are run through the gateway of the company allowing them to apply security to all web traffic on their clients.
It might hinder you but there is plenty of method to this madness.
BearOfaTime@lemm.ee 2 weeks ago
I applaud your IT leadership/CIO for being willing to do this.
Most companies are far too passive and think “aIt won’t happen to us”.
I’ve seen companies scammed of $1mil in a single transaction because they sent credentials in email, to a scammer.
Had they used a credential management system this wouldn’t have happened.
Every layer of security helps.
NGC2346@sh.itjust.works 2 weeks ago
Its actually real news
cy_narrator@discuss.tchncs.de 2 weeks ago
It may be unintentional bug. People in the enterprise world need VPN for corporate purposes, they will fix it dont worry
sgibson5150@slrpnk.net 2 weeks ago
Doesn’t seem to have impacted Wireguard.
terminhell@lemmy.world 2 weeks ago
[deleted]sgibson5150@slrpnk.net 2 weeks ago
Mmm what?
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends…
MakePorkGreatAgain@lemmy.basedcount.com 2 weeks ago
thats going to be an issue - at my work roughly 60% of the userbase is connected via VPN at any given point
Qwaffle_waffle@sh.itjust.works 2 weeks ago
That’s a paddlin.
BaroqueInMind@kbin.run 2 weeks ago
Looks like their policy to prefer cheap labor they hire from Asia rather than paying local U.S. developers a living wage is starting to bite them in the ass.
tsonfeir@lemm.ee 2 weeks ago
Obligatory Linux plug.
just_another_person@lemmy.world 2 weeks ago
So skip Windows. Why does anyone need it anymore?
vodkasolution@feddit.it 2 weeks ago
Photoshop, Illustrator, After Effects :/
just_another_person@lemmy.world 2 weeks ago
All work via Wine. I use each of them. No issues.
desmosthenes@lemmy.world 2 weeks ago
works on osx too
pycorax@lemmy.world 2 weeks ago
Games. I have a Steam Deck so yea I get that Proton works really well now but it’s still not perfect. And also I write software for customers that use Windows so ¯_(ツ)_/¯
just_another_person@lemmy.world 2 weeks ago
Games aren’t an issue. If you are still in a world where your local machine is a dev environment, that’s a different story. Sorry.
Holzkohlen@feddit.de 2 weeks ago
You are gonna test the software for a multi-billion dollar cooperation and you are gonna like it!
Melatonin@lemmy.dbzer0.com 2 weeks ago
Is it too late to turn off security updates and avoid this issue?
BearOfaTime@lemm.ee 2 weeks ago
And this is exactly why I don’t do auto updates (and people around here berate me for it, saying my systems are unsafe).
Hell, Windows LTSC only gets updates twice a year (which is what I run).
InEnduringGrowStrong@sh.itjust.works 2 weeks ago
LTSC is great.
Much less bloat and bs too.
downpunxx@fedia.io 2 weeks ago
Has anyone here been running into this issue realtime since the update?
chemicalwonka@discuss.tchncs.de 2 weeks ago
[deleted]Coreidan@lemmy.world 2 weeks ago
Why? The entire business world uses and needs VPNs. This accomplishes nothing for MS. There will be a PR shit storm in MS from every direction if they don’t fix it.
I’d agree if this only affected normal people but it also affects every corporation that does business with MS.
mindlight@lemm.ee 2 weeks ago
PCWorld:
Microsoft’s latest Windows update breaks VPNs, and there’s no fix
What Microsoft actually said:
Windows devices might face VPN connection failures after installing the April 2024 security update, or KB5036893. We are working on a resolution and will provide an update in an upcoming release
I’m so fed up with everyone trying to make a quick buck on our constant struggle to stay safe.
w2tpmf@lemmy.world 2 weeks ago
The reality is that it broke "something* in certain lpt2/ipsec connections using certain authentication protocols, although they haven’t yet specified which particular connection technologies are affected.
However this does not mean that a blanket affect of ALL VPN connection not working is an issue.
So far we are unaffected on clients using ipsec and PAP protocol authentication, nor connections using Anyconnect (aka Cisco Secure Connect).
I have also not seen any affect on private VPN clients such as PIA or Nord on machines that have this update.
I suspect what broke was clients using MSChap, Microsoft’s own protocol for authentication for VPN clients.
nublug@lemmy.blahaj.zone 2 weeks ago
absolutely bonkers take