Microsoft Installs New Software Without Permission

Futurepower(R) writes "Even though I have Automatic Updates turned off, on August 28, 2007, between 3:49 and 3:51 AM PDT, Microsoft installed new files on my Windows XP computer." Nine files are updated on Vista and on XP SP1, a different set of on each, relating to Windows Update itself. Microsoft-watch.com's Joe Wilcox and ZDnet's Adrian Kingsley-Hughes confirm the stealth update.

Block it

[Ragein]

Block M$ from having an interwebs connection and update from windiz, works even if they decided to ignore your settings.

Why? Re:Block it

[lecithin]

Why should you have to?

Re:Why? Re:Block it

[Applekid]

Why should you have to?

If Microsoft has the ability to forcefully modify code running on your property without your consent, I'd call that a threat.

We have a right (and I'd say responsibility) to protect ourselves from threats.

Re:Why? Re:Block it

[monk.e.boy]

If Microsoft can run code on your box, I'd expect some other people can too.

l33t crackers, the government. What would stop them?

Re:Why? Re:Block it

[Anonymous Coward]

If Microsoft can run code on your box, I'd expect some other people can too. l33t crackers, the government. What would stop them?

The law? Oh wait...

-Alberto Gonzalez

Re:

[Penguinisto]

yup... you are afraid now aren't you? As well you should be...

$ uname -a
Linux eschaton 2.6.22.1-41.fc7 #1 SMP Fri Jul 27 18:10:34 EDT 2007 i686 i686 i386 GNU/Linux

...so I'm supposed to fear something from MSFT updating Windows w/o permission ...how again?

;)

/P

Re:

[cez]

Hah...true you might not be one they update without permission...but the fear comes from someone maliciously using that process to control every Windows PC out there today to ping that nice lil box of yours off the net until Duke Nukem Forever is ported for Hurd =)

MicroStorm,

Re:Why? Re:Block it

[Anonymous Coward]

Reread the license. You have given consent to this sort of shit. If you consider it a threat, why did you agree to it in the first place instead of returning your copy of Windows?

Re:Why? Re:Block it

[Anonymous Coward]

Because it's pirated and MS hasn't found the key yet.

Re:

[StarvingSE]

LIcenses, contracts, or whatever you sign or agree to go out the window if the contents of the agreement is illegal.

I'd say that running code on your machine without your permission and knowledge consitutes the digital equivalent of trespassing and vandalism, and should be punished as such.

Re:Why? Re:Block it

[orclevegam]

Reread the license. You have given consent to this sort of shit.

In one of TFA the author mentions looking through at least the Vista license and failed to find anything in the license giving MS permission to perform updates without user consent. So, no, it's not in the license, and they did not have permission.

Re:

[Crayon Kid]

Ah, but see how many moderators automatically assumed that the Windows EULA actually allowed all kinds of shit? I find that interesting.

Re:Why? Re:Block it

[The Rizz]

I say we take off and nuke the website from orbit. It's the only way to be sure.

Re:Why? Re:Block it

[Mike Morgan]

I believe there is a clause in the EULA that prohibits nuking Redmond from orbit.

Re:Why? Re:Block it

[pabrown85]

Read your EULAs. It's your box, but it's their property running it.

Re:

[ScytheBlade1]

Sure, the CDs are sold. The documentation is sold. That box? You own it.

But to install the software located on the CD, you've gotta accept the EULA - End User License Agreement.
You own the physical medium, but you do not own the software it contains.

Re:Why? Re:Block it

[davetd02]

Well, I can anyhow. You've apparently bought into the entirely retarded idea that criminal organizations are free to impose any sort of demands on you at a whim and you're somehow magically bound by them.
The fact is that nobody is bound by the deluded crap MS puts in their EULAs unless they choose to bind themselves.

Ratchet back the aggression level there.

And there are plenty of cases that hold that you are free to enter into a license agreement with a company when you pay them money for software. See the long list of "shrinkwrap agreement" cases. For example, ProCD v. Zeidenberg http://en.wikipedia.org/wiki/ProCD_v._Zeidenberg [wikipedia.org] ("The issue presented to the court was whether a shrink wrap license was valid and enforceable. Judge Easterbrook wrote the opinion for the court and found such a license was valid and enforceable."). In other words, software companies make their product available according to the license. If you buy it, you've voluntarily chosen to enter into those terms and you are bound by them.

It's the same as buying a car. Yes, you are free to go buy a car from a dealer with no terms and conditions attached if you can negotiate that deal with the dealer. Or, if the dealer says "look, this is a brand new concept car that's not available for sale yet -- you can buy it, but you have to keep it in a closed garage and you can't take the bib and diaper off it until we tell you" then that's also a completely legal contract if you agree to buy that car. You don't get to tell the dealer "yes, I'll follow your terms" and then turn around and say "I own the car, I can do whatever I want." You entered into an agreement with the dealer and you are bound by it.

The courts have said the same is true for software. If you don't like the license terms then don't buy the software. You can argue that copyright should trump contract, but that's not how the law has worked so far. Maybe your argument is even the better one -- but it's just not how the US courts have worked. Find a client and try to change the law.

Re:

[yancey]

With your example of purchasing a prototype vehicle, I would fully expect some sort of physical contract that would require notarized signatures and copies of the completed contract for both parties before anyone would allow the buyer to leave with the vehicle. I consider that a legal and binding agreement and no verbal agreement would be sufficient. Simply clicking a picture on a screen does not meet the minimum requirements for a "legal and binding" agreement in my book. As a counter example, web sites li

Re:

[Quebec]

If you don't like terms and conditions of a car dealer you can go and buy in another dealership because it is a free market, when it comes to Microsoft Windows it is the unique point of entry of a whole market, the Windows compatible software market.

In other words; saying No to Microsoft forces you to say No to a few thousands companies. Saying No to Ford does not forces you out of any road trip destination.

So it is not the same as buying a car. Microsoft is a monopoly and it has no reason to be one except

Re:

[jorgeleon]

Well... you are wrong. The license to the software (not to its distribution medium) says that you are virtually renting it. You are paying a fee for using it, but you do not own it. From the EULA:

3. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to you in this EULA. The Software is protected by copyright and other intellectual property laws and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Software. Th

Re:

[Bloater]

> You do realize that (although I do not agree with it) you are licensing the software for use from Microsoft right? Read the terms in their acceptable use policy. If you did not, it's your fault for not knowing this.

No you're not, you're licensing the right to do some of the things that copyright law reserves for the copyright proprietor. The software, however, is sold and is mine. I know this because if I go into PC world and say "I'd like to buy a Windows Vista for my computer, please, it has currentl

Re:

[Crayon Kid]

I think that what the GP is trying to say is that with Vista (and possibly XP too) Microsoft transformed Windows from a software sale into a service offer. So you're not buying an item (ie. Windows OS copy), you're paying for a service (Windows update), and so you cross from copyright or property law into contract law. Also makes EULA legit, because it's not imposing terms after you bought an item (which would be arguably illegal), it's doing it before you start using a service. Pretty cunning of Microsoft,

Re:

[Bloater]

No, I *AM* buying software. That's what you do when the sales guy in a high street shop hands you a box with software in and you hand him money. It *is* a sale. It is virtually the very legal definition of a what a sale is. I suggest you read up on British consumer law.

Hang on a minute...

[Anonymous Brave Guy]

Sorry for replying to my own post, but further reading suggests this isn't nearly as bad as TFSummary makes out. If you follow the links to the stories on the other sites, and read the comments and links given there, a lot of people are suggesting that this is only updating Windows Update files when you visit the Windows Update site, and not in fact a push of arbitrary changes at all. There's so much hype and FUD flying around this discussion that it's hard to see the wood for the trees.

Confirmed by Microsoft

[recoiledsnake]

You're right. MS has posted a blog here [technet.com] which pretty much confirms what you said. What I am really interested to see is if Slashdot will post a correction.

Re:Why? Re:Block it

[ChrisA90278]

"If Microsoft has the ability to forcefully modify code running on your property without your consent, I'd call that a threat."

Did you read you EULA? The copy of Windows Vista you have is NOT your property. It belongs to Microsoft and they are just granting you a license to use it. Are you sure you did not give oncent? Maybe read it again.

What I can beleive is who many people agree with these license terms. If just 1% refused and returnd the product for a re-fund the terms would change. Consummers are stupid.

Microsoft does not own your copy of Windows

[Pfhorrest]

Did you read you EULA? The copy of Windows Vista you have is NOT your property. It belongs to Microsoft and they are just granting you a license to use it. Are you sure you did not give oncent? Maybe read it again.

The COPYRIGHT of Windows Vista is Microsoft's "property" (as are various patents it implements and trademarks it displays, but those aren't really relevant here). That is, MS "owns" certain legal protections on duplicating and redistributing that pattern of information. The COPY, the actual instantiation of that software on your disk, is YOUR property, as are the disks themselves and all the rest of the hardware. There is no license required to use that copy you have however you see fit; the only restricti

Re:

[CastrTroy]

Nobody has to have Windows. Nobody even has to have a computer. There's lots of people without computers. Having a computer and having windows installed are both choices you make. You may even need Windows to operate your business. But then again, that's how you've chosen to do business. Or you clients require that you have Windows, to create MS Word compatible documents. But that's who you've decided to do business with. Nobody forces you to use Windows.

In all honesty, I'm not completely for or a

Re:

[Schraegstrichpunkt]

In theory theory and practise are the same in practise they are not.

Only if your theory is deficient.

Re:

[smittyoneeach]

I like "The difference between theory and practice is greater in practice than in theory."
Something about ending the sentence on a prepositional phrase, instead of breaking it into two, adds an extra hint of dissonance.

Re:Why? Re:Block it

[IpalindromeI]

I've usually heard it as, "In theory, there's no difference between theory and practice. In practice, there is."

Re:Why? Re:Block it

[mulvane]

If automatic updates is turned off, and the service is disabled, just how did MS know to send an update to the machine in the first place?

Re:Why? Re:Block it

[Nomaxxx]

If automatic updates is turned off, and the service is disabled, just how did MS know to send an update to the machine in the first place?

The trick is that in Windows XP, even if "Automatic Updates" are turned off, the "windows update" service is still launched at startup. You have to manually disable it in msconfig.

Hmm....

[TechnoBunny]

...I cant see how anyone on /. would ever object.

Anyone want popcorn?

Can't Win for...

[WED Fan]

/.er:Windows is insecure, Microsoft is evil.

/.er:Where are my patches?

/.er:You're evil because you patched my system.

MS:O.k., we'll make a system the user can run and patch them system that way.

/.er:You're evil because most lusers won't set it up properly and the net will be taken over by these luser's machines.

MS:O.k, we'll patch the system involuntarily.

/.er:You're evil for patching my system that way.

MS: You've made a career at being happy with whatever prevails, right?

Re:

[Watson Ladd]

They should just design it right in the first place. This is not rocket science. Many of the security holes are exactly the same. We keep on seeing buffer overflows. You should be getting new kinds of hole each time if you properly audit your code for the kinds of hole you know about, ex. OpenBSD. And you should think about the security architecture and make sure a good implementation of it will not have holes due to design.

Re:Can't Win for...

[Frosty Piss]

They should just design it right in the first place. This is not rocket science.

This is an asinine statement. OSs and the various supporting systems are complicated, often involving many 10,000 of lines of code. Even Linux requires patches, is it because Torvalds and his leigons of OSS bots didn't "design it right in the first place"? It's *not* rocket science, it's *computer science*, and it's not exactly as easy as assembling your little red wagon.

Re:Can't Win for...

[pla]

MS:O.k, we'll patch the system involuntarily.

"...But not anything that might actually affect security, only those features relating to disabling machines we consider invalidly licensed. Because we never make mistakes regarding licensing issues."

Yeah, I most certainly do take issue with them patching a system against the owner's wishes. After the owner has explicitly disabled autoupdating, I would go so far as to call that "criminal trespass". And doing so in a way that neither fixes nor improves the security of a machine... Not justifiable in any context.

You couldn't be more wrong.

[Kadin2048]

Deal with it, you're pissed at MS for being the top dog. Then you've looked around for the low hanging fruit, that exists for all projects, for your justifications.

No, I dislike Microsoft for two major reasons: one is that they promote and maintain a monoculture, and actively try to make that monoculture incompatible with anything else. Windows would be a lot more acceptable, if it played nice and interoperated with other systems based on established standards. I'm more than happy to let everyone choose whatever OS they want, based on their needs and what fits them best, but "the Microsoft way" works directly against that: their use of proprietary, incompatible, or just plain broken 'standards' forces many people who would be best suited with a different OS to use Windows, and that's a net loss for everyone.

On a more personal level, I dislike most Microsoft products (with certain notable exceptions), because I think they have a corporate culture that promotes mediocrity and "good enough"-ness. As someone who has always labored to pursue quality and technical correctness as an end in itself, I find the inherent laziness in their products offensive. I understand this is a personal decision; looking at other product arenas, the mass market is usually filled with garbage. This is fine, and consumers should have a choice as to what they want to buy. However, I detest Microsoft for virtually eliminating the consumer's ability to buy better.

Also, they have an apparent contempt for both their competitors, which is understandable if unwarranted, and their customers, which is unacceptable.

I don't hate Microsoft for being on top. I hate them for being on top, while pushing an inferior product than the market would produce in their absence, on all of us.

Re:You couldn't be more wrong.

[Blakey Rat]

I would just like to point out that he could, in fact, have been more wrong. He could have stated, for instance, that Microsoft is run by dolphins from an secret underwater base in the artic.

Re:You couldn't be more wrong.

[thegnu]

Except for the whole anticompetitive practices thing. Exploiting people who are uneducated in a field is unethical. For people who are educated in the field, they may contest the people who don't conduct themselves ethically.

There is a LOT of vendor lock-in for MS Windows, and it's in large part because of their unfair practices, and the free pass they got from the government for disseminating American software on all the world's computers.

Yes, and please keep doing this.

[Erris]

You linked to twitter's journal, eh?

Indeed, I did and I'd like to thank all of you Assholes Cowards for pointing it out to me. I ordinarily ignore your posts and don't pay much attention to user names. Your "ERRIS is the TWITTER" nonsense finally enticed me to look and I like what I found. Please keep advertising twitter.

Non free software is a vital part of any government's attack on people's liberty. Besides the direct attack on software freedom, non free software is used to keep tabs on citizens

and the surprise is?

[rucs_hack]

That's the proprietary software world for you.

The solution is simple, install Ubuntu.

Why is this a troll?

[HangingChad]

Those are exactly the kinds of things you agree to with EULA's, and it's not just Microsoft. Software licenses get more bizarre and dickish by the day.

Re:and the surprise is?

[rucs_hack]

*sigh* nice troll. 4/10

Hmm, care to prove me wrong? How many open source projects enforce monitoring or hidden updates about which there is no choice on users?

Re: Ubuntu monitoring

[Dolda2000]

Ubuntu installs the package "popularity-contest" by default, which reports every package you're using and how often. That's large scale stealth spying, but it's not proprietary so it should be ok...

Yeah, it is installed by default, but during the installation procedure you do get the question of whether you actually want to enable it. It is worth noting that it defaults to "no" if you just click past it.

To see if you are affected under Cygwin

[morgan_greywolf]

Under cygwin, you can type:

strings /cygdrive/c/windows/system32/wuapi.dll | grep 7\.0\.6

If you get back something like:


7.0.6000.381
7.0.6000.381 (winmain(wmbla).070730-1740)
7.0.6000.381


then Microsoft has secretly updated you.

This reveals MS Secret loves

[Anonymous Coward]

Does wmbla stand for Windows Man Boy Love Association???

Boy I need to spend time away from the interweb

And?

[FoolsGold]

I'm pretty sure the EULA states somewhere MS can do this. You agree to it when clicking that little checkbox for accepting the license when installing the damn OS.

and this isn't the first time

[acidrain]

I can recall their updater running without my say so a few times now. So I figure my still running Windows is implicit consent. And frankly as someone "technical" yes it seems offensive, but if you consider Microsofts position when faced with a potential security melt-down all over the news vs. a little whining on /. it seems like an easy thing for them to do. And it wouldn't surprise me if their updater was remotely exploitable. Actually it would surprise me if it wasn't.

What's the IP address?

[frovingslosh]

It would be nice to know the IP address that is being contacted here. With that, automatic update could be turned off at the router/firewall. If you trust Microsoft you always get punished.

Re:What's the IP address?

[walt-sjc]

I know the one you are talking about. Has this thing about "chairs".

Re:

[frovingslosh]

Personally, I have the updates turned of on my legal copies of XP because I'm trying to stop stuff like the only time that I did accept the "security ipdate" and suddenly my hardware would no longer run Linux, although it worked fine before the update, and the Linux was on a CD (Knoppix). Before you say that software can't do that, understand that NICs have a small eeprom on them, so that the manufacturers can store unique MAC addresses in them. And in my case the eeprom could also hold some default setting

Re:What's the IP address?

[Niten]

This isn't directed entirely at you, but I do find these "I don't trust Windows Update" type comments quite ridiculous. So you trust Microsoft to write your computer's entire operating system, but you're afraid that a patch might contain something nefarious? Granted, software updates may accidentally break things from time to time (this is true on OS X and even Linux as well as on Windows), but if your concern is that Microsoft may try to install something "evil" on your computer - too late, you're already running their closed-source operating system; the damage, if any, is done.

If you're that concerned about it, install BSD or Linux instead. In any event, do everyone a favor and keep up with the latest security updates on whichever operating system you run.

I had a roommate once who refused to install Microsoft's Windows 2000 patches on his laptop, right up until my NIDS discovered his computer attempting to propagate the Zotob worm. Oops. He installs software updates now.

Dear god.

[Brian Lewis]

Is it me or does this just seem down right nasty?

If a person who uses vista or xp did not want any updates to their OS, they turn off Automatic updates. It's their choice. Where does Microsoft get off thinking that something like this is acceptable?

If I ran either of those operating systems, I would probably file a lawsuit, as to me that is a huge invasion of privacy. If they can force you to update those few files, they can absolutely view any and every file on your computer.

Although, this should come as no surprise...

Re:Dear god.

[The Cisco Kid]

No, its not their choice. Once you choose Microsoft, their terms allow them to choose anything and everything else that Bill Gates & company want to chose for you.

The only choice is to either use Microsoft products, or not to. One leaves someone else in control of your system, another retains control for you.

Anyone who is shocked or surprised by this just hasnt been paying attention for the last ten years or so.

Why are you whining?

[The Cisco Kid]

You chose to use proprietary software from a company that uses its control to illegally maintain a monopoly. You really think they are going to be bothered to care wether you give permission to update that software any damn time they want, for whatever reason they want? (And/or, a company that produces shoddy unstable 'oh look its shiny' software for nincompoops and that they are competent enough to actually be able to keep track properly)

There is no halfway. Eiher you give control of your system to Microso

WGA is coming to get you

[rucs_hack]

I'd give it six months and this will be used to enforce install of WGA on every windows machine.

That's the last thing you want!

[BadAnalogyGuy]

Why would you want to run an unpatched XP box?

Re:That's the last thing you want!

[musikit]

because a large majority of people dont patch windows and i need to test my software with the least common demoninator to ensure it works on all systems

Re:That's the last thing you want!

[Pojut]

OK, so have a "test box". I myself have one. Guess what cable never get's plugged into it? That's right, the ethernet cable. If I'm doing something that requires the use of my in-house LAN, guess what gets unplugged....that's right, my connection to the outside world.

It's not that difficult really...I find that having an isolated not-connected (not even to my internal network) windows 98 box is FANTASTIC for my older games...fuck DosBox, I'll just build a 200 dollar killer Win98 box.

Re:

[Just Some Guy]

OK, so have a "test box". I myself have one. Guess what cable never get's plugged into it? That's right, the ethernet cable. If I'm doing something that requires the use of my in-house LAN, guess what gets unplugged....that's right, my connection to the outside world.

That's infallible. Until, of course, Windows gets peer-to-peer updating.

Test box: Hi everyone!
Main box: Hey! Got WGA 543.64 yet?
Test box: No. Good?
Main box: Sure! Here you go.

Re:

[scribblej]

Wow, when you learn how to handle all that in your router/firewall then you will /really/ be cool, and won't have to crawl around unplugging and plugging cables.

When I need a computer to stay off the internet, guess what I don't have to fuck with? That's right, ethernet cables.

What level of 'disabled'

[quantum bit]

I wonder if this still happens even if you have set the Automatic Updates service to 'Disabled' in services, rather than using the control panel applet which tells it not to update but still leaves the service running.

Probably a good idea to disable the BITS service too.

Re:What level of 'disabled'

[dc29A]

I tried something like that with WMI when MOM agent (or was it SMS agent, can't recall) was eating up way too much CPU. I disabled WMI service. Reboot the machine, to my shock, WMI service was started despite being disabled. If MOM or SMS can do that, I am sure Windows Update could force start BITS even if it's disabled.

If they can push...

[loki.jf]

Can they pull? Interesting question to ask I think.

They've *always* had the ability to pull....

[Anonymous Coward]

...since Windows 95 even. It's part of the remote registry background process that facilitates the ability to read data from any file in the filesystem, not just only the registry files.

Why does no one every read the license

[skyggen]

license? Do you own your copy of windows? No. You are only licensed to use it under their terms. Do you own M$ Office? No. You are only licensed to use it. If Microsoft wants to change their files on your computer they can. Also read carefully because some licenses of Microsoft actually claim that were you to so much as add any hardware you no longer are licensed and your windows copy will be in validated. I use linux, I don't have these problems. It has never been that Linux was a superior operating system. I mean for the longest time I had to deal with so much shit to to listen to an mp3. BUT the one thing about Linux is Your copy is Your copy to share and to see everythijg it does. Using linux was the first time I could take my Foil Hat off in years.

Re:

[tgd]

Wrong, your copy of Linux is no more yours than your copy of Windows. Both are copyrighted works owned by others which you have a limited license to use. In the case of Linux that license grants a few more (limited) rights than Windows does, but its entirely inaccurate to claim that you own your Linux copy.

Re:Why does no one every read the license

[caseih]

Not quite. Almost all distros of linux have *no* EULA. The license" you refer to (licenses, actually) govern redistribution. Because of said redistribution rights, the moment you receive Linux from someone exercising those rights you can now do whatever you want with linux. The moment you choose to distribute it to someone else, the license comes into effect.

This is generally very different from the "licensing" you talk about with Windows. In fact, even though it is all based on the same copyright law, these are, for the user, very different things.

I do in fact own Linux as much as copyright law allows. Something that the Windows EULA never allows.

Re:Why does no one every read the license

[Karellen]

Rubbish.

It's just as accurate to say you own a copy of Linux as it is to say you own a copy of a book.

In neither case do you own the copyright for the item in question, but you do own the copy you have.

You own books, don't you?

completely wrong

[asdfghjklqwertyuiop]

You are completely wrong. You don't have to agree to any license to use linux at all. You can do whatever you want with it within the bounds of copyright law without agreeing to anything at all. The only time the license applies is when you want to do something copyright law prohibits. That's COMPLETELY unlike the windows licensing situation.

It is completely accurate to say that your copy of linux is completely yours. So is your copy of windows for that matter, it is just a question of wether or not the cre

Which begs the question...

[pieaholicx]

Does this mean that somewhere hidden deep in the API is the ability to automatically download and install files without user consent? Does this mean that somebody else could use that exact API to do something a bit less friendly? Does anybody else feel a whole new batch of windows security alerts?

Re:

[leehwtsohg]

No, I think it simply means that when microsoft wrote microsoft update, they coded the update process twice: once for update itself, and once for everything else. Then, when they thought about allowing the user to not update the system automatically, they didn't think of applying it also to updating system update.
Quite usual - code something X times, and forget where they all instances are. That is why you have to hunt through thousands of places to figure out where you turn off the annoying popup messages

Re:

[HangingChad]

Does anybody else feel a whole new batch of windows security alerts?

Microsoft would only fix it if they saw it as a problem. If they saw it as a problem, they wouldn't be using it as a back door for updates. From their standpoint, there's no problem. Microsoft either knew all along user update preferences could be ignored or they built it that way deliberately. No way to put a smiley face sticker on that.

There's no reasonable way Microsoft could use stealth update and not expect to get caught some

Re:

[ByteSlicer]

That's true. If there is no other hole in the download mechanism. Since we don't know how MS forced the updates, and given their previous track record, that's a big IF.

Is it only happening to XP and Vista?

[Mark_in_Brazil]

TFAs only mention XP and Vista, but I have Windows 2000 (it will be the last Windows I ever own, and I'm just keeping it running until my end-of-year trip to the USA, when I'll buy a Macbook) and was surprised when I woke up one day this week (either the 11th or 12th of September) and found my computer showing the "got restarted and waiting for somebody to log in" screen. Before I had a UPS, that happened now and then, but since getting a UPS, that shouldn't happen unless we get a major power failure that lasts longer than the several minutes my UPS's battery gives me. That hasn't happened since I got my UPS, and I noticed that other things around the house showed no signs of power loss, despite my computer having been restarted.
When I logged in, Windows Update informed me that it had installed updates. That's hard to understand, since I've had Windows Update configured for a long time now to ask me before installing anything. When I saw the item on /., I thought I might have discovered what happens, but TFAs only talk about XP and Vista.

So was what happened to my computer (running Win2K) the same thing? Did others with old versions of Windows have the same experience?

No statement from M$?

[Sqweegee]

I'm really surprised that they think so little of us that they didn't at least bother to write up a canned statement about the update. Didn't they expect anyone to notice the patching? Many people take others messing with their PCs very seriously, be it micro$oft or some script kiddie out there, and track this kind of thing constantly.

Any word on what the purpose of the patching is?

Re:

[pintpusher]

I was thinking just this same thing and you said it first. If it was my machine (all linux here ;-P) I'd be seriously considering wiping and starting over. Its one of the first rules, isn't it, that if you don't know what caused a change on the system, then assume its been compromised. The longer MS goes without a statement about this, the more and more I'd be looking at this as a security breach. Time to reinstall all those boxes people. If it was a real update, you'd be able to get it again in the future.

omg hackers

[deftcoder]

Why hasn't someone diff'd the files that were updated and dived into the disassembly and checked to see what was actually changed?

Would be more informative than bitching about it...

Re:omg hackers

[mhall119]

That could take hours, bitching takes mere seconds. Here on /. we strive for efficiency, not accuracy.

Re:omg hackers

[enrevanche]

Repeat after me, "I will never ever again use the words slashdot and efficiency in the same sentence."

Re:omg hackers

[mhall119]

Repeat after me, "I will never ever again use the words slashdot and efficiency in the same sentence."

I would, but repeating that statement would immediately violate it.

Policy violation

[NullProg]

Doesn't this violate every corporate network policy on the planet? What about the defense department?
What if the one of the computers was monitoring a critical system and the stealth upgrade crashed the system?

Isn't this a violation of Sarbanes-Oxley computer auditing requirements?

Food for thought.
Enjoy,

Re:Policy violation

[pointbeing]

...What about the defense department?

Present!

I work for an agency under DoD and my machine was *not* updated. Perhaps corporate versions of XP are unaffected?

Re:

[pointbeing]

We do use SMS but SMS in itself wouldn't prevent the install. Local Windows Update is disabled by domain policy.

My guess is as another poster mentioned - the update was blocked by a firewall rule. That's interesting, though - because I'd figure a heck of a lot of Windows machines - especially those owned by /.ers would be on nonroutable networks and there'd be no way for MS to push to them. Wonder if the installation is initiated by the client?

Curiouser and curiouser.

FUD brakes please!

[Toreo asesino]

The only thing that Automatic Updates, updates is itself, the AU service can be disabled, and this doesn't apply to computers running under WSUS (read: every corporate network machine, so only applies to home computers).

So it's not brilliant of MS to do this, but not the end of the world either.

Ok ok! There's no excuse, you're right.

Purpose?

[Tom]

I'd really like to know the purpose.

If it were anyone but MS, I'd assume it was a countermove to Storm or some other large botnet (you don't think Storm's the only one, do you?) which disables or subverts the usual automatic update process.

Knowing this is from MS, I wouldn't be surprised if it's WGA or some DRM crap.

Do they have administrative privileges?

[Erikderzweite]

As far as i am concerned, you need to have administrative privileges to alter those files. That means - MS does have them. So they have access to all data on affected (or should I say infected) PC. Now that's something authorities have to be VERY worried about. If they can use this loophole - someone else can act the same way. So much for privacy...
Ahh, what a pleasure it is to run emerge -uDN world. Updates only when YOU decide to do them. Ultimate freedom if you wish.

This freedom clearly overcomes all artificial difficulties with Linux. By "artificial" i mean hardware providers who don't provide drivers/specs and stupid patent regulations that require you to manually install additional codecs in order to play mp3/dvd. Linux IS a superior system because both problems have nothing to do with the system itself.

1984 and 1/2

[theolein]

While reading TFA, something in TFA caught my attention, here a list of changed components:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

1.Iwonder.dll
2.whenmsft.exe
3.willsee.dll
4.youcan.dll
5.usemore.exe
6.than8_3.dll
7.notation.dll
8.innames.exe
9.1984want.scr
10.itsdos.dll
11.back.txt

Re:I expect this from M$

[El Lobo]

What is really sad is that everybody here blindly trust this "article" without really checking and re-checking other sources. That's the scary thing these days.

Re:I expect this from M$

[B'Trey]

That's a fine setting for a home system. It's asking for trouble in a corporate environment, particularly one where you run custom applications or services. If this [com.com] happens on your home computer, it's largely an issue of annoyance and inconvenience. If it happens to large numbers of computers in an enterprise, it may mean losses of millions of dollars. Most enterprises test patches on lab machines to identify issues before they deploy them. MS (or Ubuntu or Apple or whomever) has no business patching anyone's machine without permission. Period.

Re:I expect this from M$

[januth]

Exactly what I was going to say. Any larger organization worth its salt is using a standard image on their PCs. Changes to that image have to be properly vetted through a change control process. For Microsoft to make changes with AutoUpdate turned off is, quite simply, wrong.

Re:I expect this from M$

[Red_Foreman]

No, whats really scary is just how common it is for blind-MS hate and Linux fanboi-ism to cause people who should know better to do things like run with Windows Update turned off.

Many companies will not install patches - even the automatic Windows Update ones - until they have a chance to test it themselves and make sire that the patch doesn't inadvertently break mission critical applications.

Sometimes, even with known issues, the devil you know is better than the devil you don't...

I happen to like the fact that all three OS's I use (Ubuntu, OSX and Windows) patch themselves automatically for critical updates. I don't get butthurt about any of the three keeping themselves updated.

Wait until you get a call at 4:30 AM from an irate boss complaining that [Killer App A] is no longer working because a patch overwrote a DLL and it's now *your* problem.

If Automatic Update works for you - that's great for you. But for a lot of companies, automatic updates is like playing Russian roulette with a Glock 9mm...

Re:

[jtdennis]

the article says that computers configured to update via WSUS were not affected. I can confirm that my computer wasn't updated. Most companies that pay attention to their updates probably use WSUS to manage them.

Re:I expect this from M$

[confused one]

I patch the boxes myself. I do it regularly. I CAN NOT have Microsoft patch them automatically because I run long duration tests that CAN NOT be interrupted by an update or a reboot.

My Windows XP SP2 computer was updated...

[Futurepower(R)]

My hardware and software firewalled Windows XP SP2 computer was updated, and Automatic Updates is turned off. This is the list copied from the Event Viewer:

Information 8/27/2007 3:54:58 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:54:23 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:54:17 PM NtServicePack None 4377 MichaelJ MT
Information 8/27/2007 3:54:10 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:54:05 PM NtServicePack None 4377 MichaelJ MT
Information 8/27/2007 3:53:57 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:53:49 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:53:47 PM Service Control Manager None 7036 N/A MT
Information 8/27/2007 3:53:47 PM Service Control Manager None 7035 SYSTEM MT
Information 8/27/2007 3:53:44 PM WindowsMedia None 4377 MichaelJ MT
Information 8/27/2007 3:51:50 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:51:45 PM NtServicePack None 4377 MichaelJ MT
Information 8/27/2007 3:51:26 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:51:21 PM NtServicePack None 4377 MichaelJ MT
Information 8/27/2007 3:51:15 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:51:10 PM NtServicePack None 4377 MichaelJ MT
Information 8/27/2007 3:51:02 PM Windows Update Agent Installation 19 N/A MT
Information 8/27/2007 3:49:19 PM Windows Update Agent Installation 19 N/A MT

(I submitted the Slashdot story, and mistakenly said the time was AM.)

This was definitely without my permission, and raises the question about who has control over my computer, me or Microsoft. If Microsoft can put files on my computer without my knowledge, then it is really Microsoft's computer, which is control that I find extremely objectionable.

I feel left out... my computers didn't update.

[NotQuiteReal]

I have (3) Win XP (pro) SP2 computers on all the time, and one Win2K SP4.

None of them have the indicated "stealth" updates.

The only computer that has the "7.0.6000.381" versions is a laptop that I explicitly updated last night (before reading about this issue.) Both the Win XP Home and Win XP Pro partitions have the newer wu* files... the ubuntu partition does not ;-)

Do you have that ugly Windows Security Alerts shield in your system tray? Mine is turned off. Maybe the wscntfy.exe program gets some up

Re:

[grondak]

If Microsoft can put files on my computer without my knowledge, then it is really Microsoft's computer, which is control that I find extremely objectionable.

You've hit the nail on the head here, OP. Computers running Windows (and probably every commercial OS) belong to Corporate America. Our "experience" on those computers is tuned to project Corporate America's image-- their thoughts, their desires, their decisions about how we should exist and consume-- right at us... and it's hardly subliminal. If our e

Re:

[quantum bit]

It sounds from TFA that Automatic Updates wasn't completely disabled, but probably set to 'notify me when new updates are available but don't download or install them'. In that case the service is still running and periodically phoning home to get the list of updates.

Presumably there's some sort of flag that can be set on an update which overrides the user's settings and installs it anyway. Reading the other comment from the article's author it sounds like there WERE entries in the event log about its ins