Thursday, February 28th 2019
Anti-cheat Software Runs Amok Causing System Crashes in Windows 10 Insider Previews
In what is likely to cause some hand wringing or chuckles depending on upon your personality, Microsoft's Windows 10 Insider Preview Slow Ring (beta versions of the OS) has not seen a new release in months. This is due to a common Anti-cheat software running amok and causing GSODs (replacement for BSODs in preview builds). The problem itself has existed for a few months and needs to be fixed by the creators of the software as noted by Chief of the Windows Insider program, Dona Sarkar, on twitter. Apparently, this isn't something Microsoft can fix due to how the software itself functions. Essentially the unspecified anti-cheat software runs in kernel mode and tampers with various aspects of the OS that it is not supposed to tamper with. While it is possible, the software is using allowed hooks in order to function. It is also possible that in the process it is damaging kernel data structures and code. This situation is likely to stir up debate on how effective anti-cheat software is considering it seldom seems to stop determined cheaters and as of now is causing the OS crash and is proving to be a thorn in Microsoft's side.
Still, this has more ramifications than just some system crashes or a software company that needs to edit some code. It directly results in Microsoft having to delay Preview releases. Since these Slow Ring builds can't be tested or validated. Pair that with the fact Microsoft's testing of Windows 10 builds is already considered lackluster with many bugs and issues going unresolved and you end up with a rather grim situation. After all, it was only a few short months ago that the October 2018 update was released after suffering numerous problems and delays. If issues like that continue, it seems the April 2019 update could be delayed as well. To avoid this and to get something done, Microsoft will be pushing out a Slow Ring build to systems that do not have the offending anti-cheat software. Better late than never but you would have thought that this solution would have been implemented sooner.
Sources:
Ars Technica, Twitter 1, Twitter 2
Still, this has more ramifications than just some system crashes or a software company that needs to edit some code. It directly results in Microsoft having to delay Preview releases. Since these Slow Ring builds can't be tested or validated. Pair that with the fact Microsoft's testing of Windows 10 builds is already considered lackluster with many bugs and issues going unresolved and you end up with a rather grim situation. After all, it was only a few short months ago that the October 2018 update was released after suffering numerous problems and delays. If issues like that continue, it seems the April 2019 update could be delayed as well. To avoid this and to get something done, Microsoft will be pushing out a Slow Ring build to systems that do not have the offending anti-cheat software. Better late than never but you would have thought that this solution would have been implemented sooner.
37 Comments on Anti-cheat Software Runs Amok Causing System Crashes in Windows 10 Insider Previews
Anticheat has gone overbroad imho... it has no connection or responsibility from microsoft...
I digress... Microsoft..
If it was up to me, this late in the game, I'd say who is the developer responsible for the anti-cheat software and screw everything else.
Say hello to Windows 10 TruePlay:
Granted, being they wrote the kernel, they are probably the only ones who can really do this right. I'm still skeptical that they will, sadly.
If an app goes rogue and starts to mess in memory registers where it should not? It has to be compatible with the kernel, but they are the lazy bums, it has been months and they didn't fix it and ignored. It was reported in the hub.
AND most importantly... if that shit code could even work against cheaters...
also mate... insider builds doesn't have true play. yet it didn't change the behavior. You are blaming the wrong party.
If you need blame, battleeye does indeed suck.More like it's just on by default as a kernel feature now. It was only togglable in early builds nearly a year old.
Basically... if AMD or Nvidia driver causes gsod in a specific game, then it is their fault, okay, everyone and their dog understands it. If not then it is Microsoft's fault? Also the article is about beta unfinished product, thirds, why certain game creators do not suffer it, and for the matter switch to another anticheat group, that ships side by side inside the game, for example like Fortnite. When someone uses their head, it saves a lot of problems, ain't it? Yet someone has to make a yellow press article from it, without any experience using the insider builds at all. There cannot be any WHQL by now anyways, there is no gold code shipped. So basically Microsoft has no rights to alter their kernel code during development phase, and if it causes to break some specific code it becomes an issue? That's the whole point of this news?
From where did you pull out that TruePlay is a kernel feature now? It is actually a xbgmsvc service, as usually you have many ways of enabling windows features on or off... in current builds such service is not present at all and is omitted. Also... what it has to do with this particular issue is beyond me. They have xbox right? They really know how to protect their ecosystem for years... sky is blue also btw...
Seriously, back to the drawing board. Find another way.
The only peculiarity here is Microsoft (and presumably the makers of said anti-cheat) being unable to figure this out for months and being unable to come up with a workaround in the meantime.
Yet another reason not to allow Microsoft to meddle in PC gaming. Multiplayer anti-cheat code needs to run local to the game itself, server side, NOT in the OS kernel. Luckily, I remove all of the files related to the XBox service and then delete the Xbox services themselves.
Being online wont be enough.