About Gary Burge
I am a graying web programmer, techno-activist, romantic idealist, who never quite left the sixties, even though I became quite successful in the Internet space.
My business philosphy is different now than when I toiled in the bigco world. About a decade ago I experienced a life-altering epiphany: I was sacrificing my personal life and health to feed a corporate monster.
More...
Categories
- Art (1)
- General (228)
- New Technologies (9)
- Politics (7)
- Strange (1)
- videos (4)
- Windows Annoyances (1)
Tag Cloud
aberdeen proving grounds ASP.Net Barack Obama cell phone connectors cell phone standards CodeIgniter Facebook Fun Google GTD Hillary Clinton homeland security Javascript libraries Jeff Pulver John Edwards John McCain joppatowne jQuery Marketing Microsoft Music music videos nomadic workers personal branding political blogs Politics programming Ron Paul Sarah Palin social identity SocialNetworking spy high Twitter us politics videos Warning Signs WordPress WordPress 2.3 WordPress category to tags WordPress tag clouds WordPress tagging working alone Yahoo YouTube Zoho
Microsoft’s stealth Windows update
Update: Microsoft has acknowledged the update, but says unannounced, non-consensual installations are standard procedure. See “Microsoft responds to stealth update issue” by ZDNet’s Adrian Kingsley-Hughes. Then read Adrian’s analysis of Microsoft’s statement here.
Microsoft may have already overwritten files on your PC without your permission or knowledge, even if you have “automatic updates” set to “off”.
Several tech blogs (Windows Secrets: Microsoft updates Windows without users’ consent, ZDNet-Hardware 2.0: Confirmation of stealth Windows Update, and WinBeta: Windows Update’s Sneaky Updates Confirmed) are reporting that Microsoft began the unauthorized updates August 24, 2007.
Nine files, all .DLLs involved with the official Microsoft Windows Update process, are being changed. No notification popup is displayed, although ZDNet’s Adrian Kingsley-Hughes found Windows Update entries in Windows’ Event viewer. No announcement has yet been made by Microsoft about the reason or need for the update.
Despite Microsoft’s silence, no one is speculating that the changes to the files are harmful.
However, the introduction of an unannounced and secret update that bypasses Microsoft’s own “Automatic Updates” mechanism is disturbing. Many companies require testing of all updates before they are installed for fear “fixes” may prevent a custom, critical, line-of-business application from running. Some users, such as ZDNet, maintain PCs in known states to test updates or problems. A surreptitious update introduces an unknown factor into a purposely controlled environment.
I did not find the updates on my PC, perhaps because in addition to turning off “Automatic Updates”, I also disable “Background Intelligent Transfer Service” (BITS) which Windows Update uses to transfer files over the Internet.
My first thought when I read about the stealth update was: “Which Russian hacker has figured out how to make spambot installations masquerade as official Windows Updates?”
My second thought was: “Which federal government agency or music licensing association has paid Microsoft to install something on my PC?”.
(My third thought was: “Linux?”)
I think this action by Microsoft is akin to Sony’s installation of a “root kit” from a music CD. Perhaps the software is harmless. But it is the betrayal of user trust that will have lasting repercussions.