Tech & Biz

Microsoft Updates Windows without Consent- Like Spyware

by Jordan Yerman | September 14, 2007 at 10:04 am

397 views | 10 Recommendations | 1 comment

This is disturbing. Microsoft is mixing stealth (not notifying users that their machines are being accessed from afar) with arrogance (presuming their patches are improvements, when some actually do harm).

In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users.

When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.

For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it.

CNET's Michael Horowitz chooses not to mince words:

Microsoft has crossed the line. They have been disliked by many techies, for arrogance, incompetence and more. But, this wasn't a universal opinion and reasonable people could have disagreed. Now however, the question of Microsoft's corporate character has left the realm of opinion and landed firmly in fact.

They are bad guys.

0 See all footage | View Slideshow

Share: email story | add to any | | facebook | stumbleupon

recommend This comment thread is now closed

angryindian

flagged this story as Good Stuff

at 08:13 on September 19th, 2007

Thanks for this find Jordan. Ever since the German press reported that Micorsoft was working behind the scenes with the NSA, I have not trusted them since. Moonie is right, Linux and other open-source operating systems may be the way to go for those concerned about their privacy.