Microsoft’s stealth Windows update

Update: Microsoft has acknowledged the update, but says unannounced, non-consensual installations are standard procedure. See “Microsoft responds to stealth update issue” by ZDNet’s Adrian Kingsley-Hughes. Then read Adrian’s analysis of Microsoft’s statement here.

Microsoft may have already overwritten files on your PC without your permission or knowledge, even if you have “automatic updates” set to “off”.

Several tech blogs (Windows Secrets: Microsoft updates Windows without users’ consent, ZDNet-Hardware 2.0: Confirmation of stealth Windows Update, and WinBeta: Windows Update’s Sneaky Updates Confirmed) are reporting that Microsoft began the unauthorized updates August 24, 2007.

Nine files, all .DLLs involved with the official Microsoft Windows Update process, are being changed. No notification popup is displayed, although ZDNet’s Adrian Kingsley-Hughes found Windows Update entries in Windows’ Event viewer. No announcement has yet been made by Microsoft about the reason or need for the update.

Despite Microsoft’s silence, no one is speculating that the changes to the files are harmful.

However, the introduction of an unannounced and secret update that bypasses Microsoft’s own “Automatic Updates” mechanism is disturbing. Many companies require testing of all updates before they are installed for fear “fixes” may prevent a custom, critical, line-of-business application from running. Some users, such as ZDNet, maintain PCs in known states to test updates or problems. A surreptitious update introduces an unknown factor into a purposely controlled environment.

I did not find the updates on my PC, perhaps because in addition to turning off “Automatic Updates”, I also disable the “Background Intelligent Transfer Service” (BITS), which Windows Update uses to transfer files over the Internet.
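As an added defender-side check (not part of the original post), the PowerShell script below reports whether Automatic Updates is set to off, whether the wuauserv and BITS services are running, whether the System log holds Windows Update Agent install events since August 24, 2007, and when the update-client DLLs last changed. The AUOptions registry value, the “Windows Update Agent” provider name with event ID 19, and the wu*.dll filename pattern are assumptions, not details taken from the post.

```powershell
# Added check, not from the original post: report the state of the Windows Update
# client so an unexpected install can be spotted and explained.
# Assumptions: Automatic Updates policy lives in the AUOptions registry value
# (1 = disabled, 2 = notify, 3 = download, 4 = install); the update client logs
# successful installs to the System log under provider "Windows Update Agent"
# with event ID 19; the client binaries in System32 match wu*.dll.
param(
    [datetime]$Since = [datetime]'2007-08-24'   # date the stealth update was first reported
)

# 1. Is Automatic Updates really off?
$auKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update'
$auOptions = (Get-ItemProperty -Path $auKey -ErrorAction SilentlyContinue).AUOptions
if ($null -eq $auOptions) { Write-Output 'AUOptions = not set (default behaviour applies)' }
else                      { Write-Output ("AUOptions = {0}" -f $auOptions) }

# 2. Are the two services the update path depends on running?
foreach ($svc in 'wuauserv', 'BITS') {
    $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
    if ($s) { Write-Output ("{0,-9} Status={1}" -f $svc, $s.Status) }
    else    { Write-Output ("{0,-9} not installed" -f $svc) }
}

# 3. Any successful installs recorded since the date in question?
$filter = @{ LogName = 'System'; ProviderName = 'Windows Update Agent'; Id = 19; StartTime = $Since }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
if ($events) {
    Write-Output ("{0} install event(s) since {1:yyyy-MM-dd}:" -f @($events).Count, $Since)
    $events | Select-Object TimeCreated, Id, Message | Format-Table -AutoSize -Wrap
} else {
    Write-Output ("No 'Windows Update Agent' install events since {0:yyyy-MM-dd}." -f $Since)
}

# 4. When did the update-client binaries last change? A write time later than the
#    newest install event (or with no event at all) is the thing to investigate.
$sys32 = Join-Path $env:SystemRoot 'System32'
Get-ChildItem -Path $sys32 -Filter 'wu*.dll' -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object Name, LastWriteTime, @{ n = 'Version'; e = { $_.VersionInfo.FileVersion } } |
    Format-Table -AutoSize
```

Run it from an elevated prompt; a DLL timestamp after the last logged install event, on a machine with AUOptions set to 1 and BITS stopped, is exactly the discrepancy the post is worried about.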

My first thought when I read about the stealth update was: “Which Russian hacker has figured out how to make spambot installations masquerade as official Windows Updates?”

My second thought was: “Which federal government agency or music licensing association has paid Microsoft to install something on my PC?”

(My third thought was: “Linux?”)

I think this action by Microsoft is akin to Sony’s installation of a rootkit from a music CD. Perhaps the software is harmless. But it is the betrayal of user trust that will have lasting repercussions.
