Microsoft deletes deleterious file deletion bug from Windows 10 October 2018 Update

Let's try that one again, says Redmond, after last week's operating system build misread timestamps

The world now knows why last week's Microsoft Windows 10 upgrade deleted unlucky users' files: the software treated the default user directory as ripe for destruction, because it thought the files were elsewhere. The upgrade has since been pulled.

Last week, some unfortunate punters who hit the “download” button on the Windows 10 October 2018 Update received the gift of extra disk space, because they lost their \Documents directories.

On a support page issued on Tuesday, Microsoft's sparse explanation of the bug is as follows: “An incorrect timing calculation may prematurely delete user profiles on devices subject to the 'Delete user profiles older than a specified number of day' group policy.”

Microsoft's John Cable went into more detail over here.

Corporate guy pulls blue curtain closed

Microsoft yanks the document-destroying Windows 10 October 2018 Update


The bug, Cable wrote, affected people who had used a feature called Known Folder Redirection, a tool for folks who have filled their hard drive and wanted new files destined for their Desktop, Documents, Pictures, Videos, Camera Roll, and other such default directories to be stored on another device, such as in D:\user. You can keep saving files into the usual Downloads folder, for instance, and it's actually saved on another drive with free space, in other words.

In April, Windows Insider guinea pigs reported a bug in this folder redirection feature that created empty copies of the so-called known folders – the standard issue directories like Desktop, Downloads, etc. To fix that, “we introduced code in the October 2018 Update to remove these empty, duplicate known folders. That change, combined with another change to the update construction sequence, resulted in the deletion of the original 'old' folder locations and their content, leaving only the new 'active' folder intact.”

In short, the OS would potentially wipe your original known folders if you had redirected them to another drive. The three setups that would trigger the deletion are:

  • A user redirected KFR to a different drive, but only put new files there, leaving their old files in the default \user\ directory. Files in the “old” folder were deleted;
  • The user created a redirection from one folder to another, but again, used that location only for new files, leaving the old files in the default (Cable noted that during KFR setup, users are prompted to decide whether or not to move the files); or
  • Users of older OneDrive clients, who had enabled auto-save. Again, this is because there's a redirection, but old files remain in their default location, because OneDrive only used the redirect for autosave (for example, in a c:\users\username\onedrive\pictures folder).

There's still a mystery about why Microsoft let Windows 10 October update ship with the bug, because it was reported by testers of Insider releases in June and August.

Here's the June complaint: “Yesterday morning my dev laptop upgraded to insider preview build 17692. When I logged in, I was surprised to see that C:\Users\me\Documents<\code> contained only "desktop.ini'.”

Sound familiar? It certainly did to the 57 other Insiders who clicked: “I have the same question."

And in August, another user upgraded to “Evaluation Copy Build 17713.rs5_release. 180706-1551” and also lost files – and 167 other users made the same report.

The file-trashing update was axed, and a fixed release is now available to Windows Insiders to try out. This comes amid the release of a suite of Windows security patches worthy of any Patch Tuesday, covering “Windows Kernel, Microsoft Graphics Component, Microsoft Scripting Engine, Internet Explorer, Windows Storage and Filesystems, Windows Linux, Windows Wireless Networking, Windows MSXML, the Microsoft JET Database Engine, Windows Peripherals, Microsoft Edge, Windows Media Player, and Internet Explorer.”

Basically, update your Windows 10 machines, and deploy widely when ready and tested. ®

Similar topics

Other stories you might like

  • It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

    And a bunch of bank-account-raiding trojans also identified

    FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.

    The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious.

    "The messages are written in Finnish," the NCSC-FI explained. "They are written without Scandinavian letters (å, ä and ö) and include, for example, the characters +, /, &, % and @ in illogical places in the text to make it more difficult for telecommunications operators to filter the messages. The theme of the text may be that the recipient has received a voicemail message or a message from their mobile operator."

    Continue reading
  • AsmREPL: Wing your way through x86-64 assembly language

    Assemblers unite

    Ruby developer and internet japester Aaron Patterson has published a REPL for 64-bit x86 assembly language, enabling interactive coding in the lowest-level language of all.

    REPL stands for "read-evaluate-print loop", and REPLs were first seen in Lisp development environments such as Lisp Machines. They allow incremental development: programmers can write code on the fly, entering expressions or blocks of code, having them evaluated – executed – immediately, and the results printed out. This was viable because of the way Lisp blurred the lines between interpreted and compiled languages; these days, they're a standard feature of most scripting languages.

    Patterson has previously offered ground-breaking developer productivity enhancements such as an analogue terminal bell and performance-enhancing firmware for the Stack Overflow keyboard. This only has Ctrl, C, and V keys for extra-easy copy-pasting, but Patterson's firmware removes the tedious need to hold control.

    Continue reading
  • Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it

    There's always Use Another Browser

    As the festive season approaches, Microsoft has decided to add "Buy Now, Pay Later" financing options to its Edge browser in the US.

    The feature turned up in recent weeks, first in beta and canary before it was made available "by default" to all users of Microsoft Edge version 96.

    The Buy Now Pay Later (BNPL) option pops up at the browser level (rather than on checkout at an ecommerce site) and permits users to split any purchase between $35 and $1,000 made via Edge into four instalments spread over six weeks.

    Continue reading

Biting the hand that feeds IT © 1998–2021