Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

MS Windows update

From: David Farber <dave () farber net>
Date: Fri, 14 Sep 2007 05:58:23 -0400


Begin forwarded message:

From: dewayne () warpspeed com (Dewayne Hendricks)
Date: September 13, 2007 1:29:43 PM EDT
To: Dewayne-Net Technology List <xyzzy () warpspeed com>
Subject: [Dewayne-Net] MS Windows update

[Note:  This item comes from reader Randall.  DLH]

From: Randall <rvh40 () insightbb com>
Date: September 13, 2007 10:11:54 AM PDT
To: David Farber <dave () farber net>, Dewayne Hendricks <dewayne () warpspeed com> 
Subject: MS Windows update


<http://windowssecrets.com/comp/070913>

Microsoft updates Windows without users' consent

By Scott Dunn
Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.
Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching. 

Files changed with no notice to users
In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.
It's surprising that these files can be changed without the user's knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings — without notifying users.
When users launch Windows Update, Microsoft's online service can check the version of its executables on the PC and update them if necessary. What's unusual is that people are reporting changes in these files although WU wasn't authorized to install anything.
This isn't the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.
For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it doesn't need permission to patch Windows Updates files, even if you've set your preferences to require it. 

Microsoft provides no tech information — yet
To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing.
A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsoft's site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states:
* "Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed."
Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply:
* "7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available."
Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the "specific issues" that the update supposedly addresses. 

System logs confirm stealth installs
In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 
7.0.6000.381, according to the post.

[snip]

-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: