Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Microsoft changes Windows XP online 'Product Use Rights'

From: InfoSec News <isn () c4i org>
Date: Thu, 14 Feb 2002 03:42:03 -0600 (CST)
Forwarded from: Leon Kuunders <leon () netsecure nl>

Is it a new trend to change online license agreements? Have more
companies done the same?

-L.


http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml

BILL GATES SAYS security is Microsoft's top priority, but just whose
security does he have in mind? Consider some of Microsoft's recent
boilerplate legalese -- language you or your company might already
have unknowingly accepted -- and then decide for yourself.

The language is contained in the Product Use Rights (PUR) document
that can be found at www.microsoft.com/licensing/resources. As the PUR
document is part of most customers' volume license agreements and is
subject to periodic change, in theory Microsoft customers should check
it regularly to see what rights Microsoft has decided to grant or take
away.

You can be forgiven if you feel like you have better things to do with
your life than reading and rereading all this mind-numbing legal
gobbledygook. Fortunately, one Microsoft customer did review the PUR
document recently and noticed a change. In the section on Windows XP
Professional, he found the "Internet-Based Services Components"
paragraph that said in part, "You acknowledge and agree that Microsoft
may automatically check the version of the Product and/or its
components that you are utilizing and may provide upgrades or fixes to
the Product that will be automatically downloaded to your Workstation
Computer."

The reader was stunned. "By changing that term in the PUR, Microsoft
has found a creative way to obtain authorization from users to access
their workstations at will," he said. "How many customers are going to
review this PDF file and realize they've given Microsoft this right?
And all the risk for the security and privacy violations due to this
are neatly put on the customer's shoulders, not Microsoft's."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: