A reboot did not fix the VMs for her. A Google search revealed that she had to install some additional dev package.

I didn't think that Canonical was sabotaging her computer. What I do think is that Canonical is using security updates as an upselling opportunity.

In my opinion this is a bad idea, especially if the language used is vague enough to mislead people.