Spyware, Viruses, & Security forum

General discussion

Microsoft updates Windows without users' consent

by Marianna Schmudlach / September 13, 2007 1:55 AM PDT

By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching.

Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.

More: http://windowssecrets.com/comp/070913/#story1

I Find This Shocking.....but Believable.....
by tobeach / September 13, 2007 3:15 PM PDT

I don't put anything as being beyond MS's possible likelihood.

I wonder if they can do this with ONLY SP2 & later OS's??

Guess I'm off to check my older SP1 version to find out!!

I couldn't have said this better...
by jackintucson / September 14, 2007 3:59 AM PDT

That's why I quit
by deserttaxguy / September 15, 2007 4:18 AM PDT

I'm done with Microsoft and I am making every effort to move to Linux.
I hate their whole mindset. I don't use any Microsoft, Adobe, and other vendors with these types of issues. I wonder why C-Net isn't a little less Windows oriented and more open source informative? Hmmm...

I Also Have Opted Out of the MS
by tobeach / September 15, 2007 5:16 PM PDT
In reply to: That's why I quit

patch, patch, patch 'til it's so wrapped in bandages it can't move at all...then sell 'em a new, more expensive system they can patch, patch, patch 'til..... it's got its risks but I cover best I can with "..those damn 3rd party programs..." (Billy Gates) and don't seem to suffer many/excessive problems. Of course I use alt browsers etc.

C-Net does have forums for both Linux (1,170 posts/47 pages) & Mac OS (1,717 posts/69 pages) but those OS aren't all that popular OR they are soo simple & have soo few problems there's not much to post about (LOL).
For comparison: Win95/98 (3288 posts/132 pages) XP (26,799/1072 pages).
Perhaps they prefer their own specialty boards/forums?

Even THIS forum posts updates for Linux/Ubuntu/Red Hat etc. etc.
I have never noticed even a hint of discrimination against those OS's & indeed have seen many times Mods include link for Linux in their advice posts.

Given how Open Source Browsers/Mail Handlers/ etc. have increased in popularity in last few years, perhaps it is only a matter of time 'til the numbers increase considerably.

Despite MS huge budgets for marketing & sales, they (MS) seem to be, more & more, becoming their own worst enemy. JMHO!

C-Net is Download.com
by Stocky / September 16, 2007 1:07 AM PDT

I made the mistake of telling my nephew to go to Download.com to grab Spybot.
The first thing the kid saw after entering spybot in the search field was Spyware Bot...
He didn't realize it was the wrong product... a real piece of rogue crapware that C-Net supports...and had listed ahead of the search results....
He downloaded it, and wrecked his father's security/pc....
You have no idea the trouble it caused... no idea.
C-net couldn't care less !!!

Tell me... anyone here surprised??? That's C-Net. That's MS.
Familiar with SVCHOST yet ????
Go Linux....

My Sympathies! That's Why I Only Ever Download ......
by tobeach / September 16, 2007 4:19 PM PDT
In reply to: C-Net is Download.com

from AUTHOR's site or author's linked mirrors and prefer not to use the mirrors if possible.
Son in law last week clicked an Update pop-up for "needed" latest Flash player on a site, link indicated as Adobe but, of course, it wasn't (Phished). Took daughter 4 hours to recover to clean status.
One reason I haven't downloaded new Adaware 2007. Download.Com was ONLY offered download location. Sad!

Search Results not the Ads!
by xie / September 21, 2007 9:43 PM PDT
In reply to: C-Net is Download.com

I have seen people make this mistake before, but it is absolutely not download.com's fault. You need to be aware to actually look in the SEARCH RESULTS and NOT the Ads at the top of the page! You cannot complain and hold C-Net responsible for someone clicking on an ad instead of on the results they were searching for. Download.com is a wonderful resource but does require a little reading. Check to see if you are getting a full free program versus a limited trial. Read the agreement and instructions of anything you execute! Is it freeware or shareware? What is the licensing agreement? Is it for home use or can you use it in a commercial setting? If you are interested in a program or utility, you can always use a search engine and find out more about it on a tech blog somewhere else. Read the reviews. Read the system requirements. Subscribe to some of C-Net's newsletters that contain reviews of some of the top downloads each week. They contain valuable information and are enjoyable and quick to read.

Slow down. Don't click on the biggest banner or the first item you see on a page. Read. Make sure you are downloading the program with the exact name you are searching for. Submit a constructive review if you try the software and find it buggy, but include enough information about your environment to be helpful.

MotherSpy installing without permission? Heavens!
by yarlq / September 16, 2007 10:33 AM PDT

I don't put anything past MS - anyone that calls 'corrections' updates is a born liar.
I use XP-AntiSpy to shut out MS except when I want to update - it has options on about 50 leaks you can control.
I dual boot MS & Linux - MS requires continual attention, Linux goes for months with none. And Linux and its key software (Office, Gimp, Firefox and about 20 others) installs unattended in 20 minutes (actually it was 13 the last time) and updates everything in another 5 - then you are done for a month or two.
For Windoze I have Kaspersky piled on Sandboxie on Spybots on SpywareBlaster on -- you get the idea. My machine spends more time updating Windoze security than it does anything else.
Linux runs naked - it's never had so much as a sniffle.
Windows is such a jumble of patched code with correction piled on top of correction that it's just like a water bed: when you push <here> you have no idea what will pop up someplace else.
It's your choice: bloatware 'designed' by 60,000 paid hacks who live for 5:00 - or lean-meanware sculpted by 300,000 volunteers who pride themselves on introducing the best software they are capable of.
Every day I spend more and more time on Windows (patching, correcting, shoring it up) while I get more and more done on Linux (Xandros on my tablet, Ubuntu on the Desktop).
Last word on uninvited installs: MS is purely rude - unless stomped on they will take over your machine every time you start up and make you wait until the latest corrections are installed. Their entire approach is to usurp your choices and do it their way. And when they make a mistake, they tell you to go see your System Administrator or Network Manager.
Right. Like they're sitting in my living room waiting for questions.

Vista: a $400 SP3 for XP.

I hear you!
by glenn30 / September 16, 2007 11:41 PM PDT

Like you I am spending all my time in bed with Microsoft and Vista... not a very good relationship either! I am tired of it!


Linux on my next desktop
by naebanks / September 21, 2007 10:41 PM PDT

Hey Yariq, you've got skills. Liked your article. You should write for a magazine or something!

Microsoft dispels rumors of stealth Windows updates
by Marianna Schmudlach / September 17, 2007 2:37 AM PDT

It's all about updating the updater
By Dan Goodin in San Francisco

Published Friday 14th September 2007

That prompted a Microsoft program manager to write his own blog post, explaining that the nine files related to the Windows Update service itself. Microsoft updates them from time to time to ensure that Windows Update will behave in a dependable manner in the future.

"Had we failed to update the service automatically, users would not have been able to successfully check for updates and, in turn, users would not have had updates installed automatically or received expected notifications," the product manager, Nate Clinton, wrote. "That result would not only fail to meet customer expectations but even worse, that result would lead users to believe that they were secure even though there was no installation and/or notification of upgrades."

More: http://www.theregister.co.uk/2007/09/14/microsoft_dispels_stealth_update_rumors/

This may or may not be true Marianna..
by jackintucson / September 17, 2007 5:23 AM PDT

but who is to say they aren't doing this kind of access somewhere else that no one has yet detected. Of course they would come up with some "plausible" explanation but only after they were caught at it. There are over 50 million lines of code written by hundreds of programmers who have no clue what the other is writing. I've been in this business long enough to know that at least one of those programmers is writing covert code that even Microsoft might not be aware of. This is what happens when there is a "rush to publish". I'm sorry, but no one will be able to convince me otherwise.

and life goes on...


Hasn't Microsoft heard of backwards compatibility?
by ausvirgo / September 20, 2007 4:59 PM PDT

Microsoft's excuse that "Had we failed to update the service automatically, users would not have been able to successfully check for updates and, in turn, users would not have had updates installed automatically or received expected notifications," is BULLDUST!

All Microsoft had to do was to give the server-side modifications a new URL, and allow the pre-update version of Windows Update to still use the old URL to retrieve the update to Windows Update with a description that said that the update must be installed to enable future updates and notifications. They managed something like this at least once for Windows 98!

The real key is the part of the statement that says "users would not have had updates installed automatically". Users who wanted updates installed automatically would have had the service legitimately updated automatically anyway, so wouldn't have been affected. Clearly Microsoft's assumption is that updates should be installed automatically, and they just didn't consider those "foolish" enough to want to do it their own way!

Good response...
by jackintucson / September 21, 2007 4:13 AM PDT

I call it: "Microsoft wants to CONTROL not just your online experience but your ENTIRE computer experience". I have had a big smile on my face since the EU denied their appeal. "Open Source Programming" is a four-letter word to them and they are scared. The next decade will be very interesting indeed.

and life 'always' goes on...


Yes Microsoft has heard of backward Compatibility
by john3347 / September 21, 2007 11:02 AM PDT

This comment may be slightly off target for the current discussion, but I wish to answer the question posed concerning Microsoft and backward compatibility. Microsoft used the phrase "backward compatibility" many, many times during the Windows 95 and Windows 98 era. Unfortunately, somewhere between Windows ME and Windows XP, it got dropped and replaced with "designed obsolescence". Such a pity!!!

OpenSource == Covert Code (?)(!)
by pmchefalo / September 21, 2007 11:33 PM PDT

The comment about a Microsoft employee writing covert code to exploit machines is interesting -- I have always maintained and do to this day that OpenSource is all about gaining access to as many PCs as possible.

The source code may be open, but the ability to interpret same is not a common skill. Much low level OS code is "write-only." That's why the "many eyes" theory has still resulted in many patches for PHP, Mozilla and ... Linux. (Try this on for size about the Ubuntu patch "methodology" - it just happened to be the FIRST hit on a Google search: http://kitenet.net/~joey/blog/entry/a_bad_taste_in_the_mouth_detailed_ubuntu_patch_review/)

If you do not ostensibly make a living from or warrant the code you contribute to an OpenSource project what prevents you from introducing exploitable bugs that maybe you CAN profit from?

Microsoft updates WITH your permission....
by Gweezel / September 21, 2007 10:08 AM PDT

Microsoft does not update files without your permission. The only program it does update, it does with your permission: the Windows Update itself.

This program is updated automatically if you choose to (1) automatically download and install updates; (2) download but don't install updates; or (3) notify for new updates but don't download or install. In order for the service to do any of this, it has to be updated. How else is it going to work?

If you choose to update manually without being notified, nothing is downloaded or updated.

Courtney sends....

So What!!!!
by Grimbles / September 21, 2007 10:27 AM PDT

Sooo, Big Bad Bill is now 'secretly' updating Windows........SO BL**DY WHAT? What would you do if a window opened on your screen saying "Important updates are ready for your computer, click here to install now......signed Microsoft"......Would you ignore it?....not likely...so, what's the problem? I find it impossible to believe that MS would 'stealth' install anything malicious or intrusive, THAT definitely would not be in their best interests.
Get over the conspiracy theory people!
Cheers to all.........JIMBO

Windows Spyware from Microsoft
by randysvh / September 21, 2007 6:19 PM PDT

It is sad that Microsoft is so intrusive in their approach to watching and monitoring what you do. It has become so much so that I have turned off Automatic updates not only on my own system, but on every system I fix or attempt to clean up. When I find the WGA program on a system, I remove it immediately. Any ActiveX that really is not required to maintain and keep your system running, is disabled or removed. I use both the manage add-ons and other tools like WinPatrol, and Spybot to remove these kinds of add-ons not only from Microsoft, but others that are unidentified, or unrecognized.

Microsoft itself is intrusive. I have it from knowledge of an internal source that the monitoring does occur and to an extensive amount. Everything you do on the internet is recorded. This is how they can direct the appropriate advertisements to your searching and online travels. If Microsoft is doing this, who else is and what else are they doing and collecting on your behalf? Personally I avoid anything to do with a Microsoft web site unless it is absolutely necessary for technical knowledge or support.

If you download a file from Microsoft that requires validation of your system, avoid the WGA, and use the alternative method at the bottom of the screen.

As has already been mentioned, Linux is the best alternative to the problems associated with Windows. Linux is stable, and requires little to no extra add-ons to protect the already well secured environment. Sure each version is different, but overall they give you the protection that Windows does not. I use Linux as much as possible, and convert my customers to Linux as most of them have simple needs and can avoid all of the extra add-on security I need to provide to help provide some minimum sort of protection.

Do not be afraid to install Linux in a dual boot situation and Linux will set up a dual boot so you can boot to Windows when you feel you need. Do not forget that Linux has WINE which is a Windows emulation and makes it possible to run many applications including MS OFFICE if you feel OpenOffice.org is not enough for you.

Whatever you do turn your automatic updates for Windows - OFF.


So........Who's being intrusive now?
by Grimbles / September 22, 2007 8:11 AM PDT

Randy - You admit in your post, "I have turned off Automatic updates not only on my system, but on every system I fix or attempt to clean up. When I find the WGA program on a system, I remove it immediately.".....and you reckon that MS is intrusive!....you'd better have a closer look at your own practices.
ALL large corporations collect and correlate statistics to help formulate a market strategy, most of which is based on user demographics and choices. So what if MS know that in 2006, 300,000 Windows users visited the 'www.getalife.com' site? I fail to understand the paranoia associated with MS when each time we deal with a large company we willingly divulge all sorts of personal information, whenever we fill out a product warranty (e.g. buying a new motor vehicle) or sign up for a new service (e.g. telephone) - what do you think those companies are doing with that information?
As for Linux being an alternative.....Linux is a joke - How many different distros are there now...50?...100? Each and every one has an imperfection (a substandard feature), their help forums are largely indecipherable and availability of drivers for peripheral hardware practically non-existent. I have a Canon MP800 multi function which I use regularly and often, for Linux I can get a basic printer driver and that is all....no scanner, print to DVD/CD, etc. What use is that to me and literally hundreds of thousands of people in a similar position?
I am NOT a fan of monopolies nor MS, I deplore some of their marketing strategies and stand over tactics BUT I have no problem whatsoever with 'Automatic Updates' even when they are delivered by stealth.

Whatever you do turn your automatic updates for Windows - ON.


Lack of experience
by randysvh / September 22, 2007 4:41 PM PDT

I am sorry to disagree with you, which I do not do here very often, but I have studied this stuff for too many years and like you I dislike MS. They have practices that are less than honorable. Their update practice falls into this category. I am not saying that all of their updates are phony or intrusive, but I know from a known inside source that the WGA program is spyware that does what we hate for other companies to do and remove their spyware from our systems. WGA is just one of those and from MS. The updates are part of this problem. The IE7 update falls into the problems associated with automatic updates. Make sure your automatic updates feature is turned OFF. Please, protect yourself with the programs I have suggested here elsewhere that are available from download.com.

Please Automatic Updates - OFF


An Explanation Of The 'Stealth' Microsoft Updates
by mowgreen / September 22, 2007 4:21 AM PDT

"Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates."

That's just TOTAL B.S. I tested this on a VPC installation of XP Pro SP2. It hadn't been booted since April 2007. The *ONLY* way that the Windows Update Agent/Client is updated is if the Automatic Updates options applet in the Control Panel are set to Automatic, Download updates, but let me choose when to install them, or, Notify me, but don't automatically download or install them.
IF the WUA was not updated then the system can not be updated until the WUA is updated. Period.

Disabling Automatic Updates via the AU applet will block ALL updating of system files required to use either Automatic Updates or the Windows | Microsoft Update sites.
Disabling the Automatic Updates SERVICE will block ALL updating of system files required to use either Automatic Updates or the Windows | Microsoft Update sites.

An Explanation Of The Stealth Microsoft Updates

I did not know you were a member here
by roddy32 / September 22, 2007 10:21 AM PDT

Mow but when I click on your profile, I see you have been for a long time. LOL Glad to see you posting.

Ya never know
by mowgreen / September 24, 2007 7:18 AM PDT

Where I'll turn up <w>

(NT) :)
by roddy32 / September 24, 2007 8:07 AM PDT
In reply to: Ya never know

Totally agree
by Donna Buenaventura / September 25, 2007 3:37 PM PDT

Hi mow {{waves}}

I totally agree that disabling it will not install any. No silent update at all from MS.

If we allow MS to check for updates (whether auto-install or not auto-install), there it will install the update silently (at least in Vista since it's "built-in or integrated" WU instead of using browser to check for updates).

Still MS can do better on this item I think. How about informing user that there is an update to the software updater? I'm sure that's easy for them to do so no one is surprised again when the software updater in Vista was actually updated.

I've seen it happen last June: http://www.dozleng.com/updates/index.php?act=calendar&code=showevent&event_id=39385
The Windows Software was updated automatically. Not offered at all. I know it's safe but if other software vendors can "offer" it thru dialogue box or via its updater, why not MS?
At least users will be informed that there's new one.

Stealth patches
by Shadyrok / September 24, 2007 5:40 AM PDT

Oh boy, was I LIVID when Microsoft stealth patched something on my Machine (XP) which caused me to be unable to send EMAIL. I rarely have to actually call support but I had to actually call. I complained bitterly but I'm sure they don't give a hoot about that.
