Legit Reviews

Microsoft altering Windows files regardless of users' update settings

Micro$oft stealth black ops updates confirmed by many. Windows Update has been updating itself on millions of PCs without their users knowledge or permission.
http://pcworld.co.nz/pcworld/pcw.nsf/pr ... 55007C1ABE


Microsoft has installed a series small updates to XP and Vista user's system files without the user's knowledge or permission, and has even managed to carry out these unofficial updates even when preferences were set to manual updates only.
http://www.pocket-lint.co.uk/news/news. ... aled.phtml

Microsoft downplays stealth Windows Update file updates
http://www.news.com/8301-10784_3-9778152-7.html

Users irate at Windows stealth update
http://news.zdnet.co.uk/software/0,1000 ... 305,00.htm
"...One other user questioned the consequences if the "stealth" updating mechanism was ever compromised by attackers: "A false Windows Update patch could… install a rootkit, erase hard drives. When the 'don't install without asking' option is selected, it should not have the capability to install anything without asking."

This morning, Microsoft's PR team responded to yesterday's request about Windows Update updating itself, even when the feature has been disabled by users. http://www.microsoft-watch.com/content/ ... oblem.html

So, with big brother M$, this option doesn't work against stealth updates ....

With the option you have circled in red selected, nothing self updates. If you manually use windows update to check for updates, then it will update itself. This whole thing is way overblown.

Zelig wrote:With the option you have circled in red selected, nothing self updates. If you manually use windows update to check for updates, then it will update itself. This whole thing is way overblown.

Nope, the update happens even with automatic updates turned OFF! The only OS's they don't touch is the server versions.
The update was supposedly only for windows update itself.

More info here: http://windowssecrets.com/2007/09/13/01 ... rs-consent

It was also done to both XP and VIsta users

Ok it installs the updates automatically. Big deal, you now have the latest software.

Unless you think of it like a hacker could abuse of this "feature"

kenc51 wrote:Nope, the update happens even with automatic updates turned OFF!

Only when the user runs windows update... if you don't want anything updated, then don't run windows update.

Zelig wrote:

kenc51 wrote:Nope, the update happens even with automatic updates turned OFF!

Only when the user runs windows update... if you don't want anything updated, then don't run windows update.

Zelig,

You're still not getting it. If a user has Windows Update turned OFF, the stealth update will still make the update happen!!! PLUS, it's a major unknown what this update really is.

M$ isn't saying much about it. There is speculation that it's a Big Brother move on the user's OS or DRM rootkits or other deceivious tricks.

If you're not doing anything illegal, I don't see how updating DRM crap affects you, it's not like Micro$oft is going to h4x0rz your PC.

Zertz wrote:If you're not doing anything illegal, I don't see how updating DRM crap affects you, it's not like Micro$oft is going to h4x0rz your PC.

Thats what they are doing when they install anything on your PC without your permission!!!!!

stev wrote:Zelig,

You're still not getting it. If a user has Windows Update turned OFF, the stealth update will still make the update happen!!! PLUS, it's a major unknown what this update really is.

No, I do get it.

If automatic updates are disabled, and the user does not run wuapp.exe, no update occurs.

Would you prefer that windows update displayed a message "You must update windows update in order to check for more updates" when you ran it, instead of automatically updating itself?


See these links for responses from MS:
http://windowsvistablog.com/blogs/windo ... dates.aspx
http://blogs.technet.com/mu/

Quote from MS: \

Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates.

heh, the first vista blog you linked to contradicts that second quote:

This self-updating is done regardless of whether the user has enabled automatic checking, download and/or installation of updates.

Dan

This self-updating is done regardless of whether the user has enabled automatic checking, download and/or installation of updates.

That isn't contradictory, it's simply worded badly.
Meaning:

If (only) automatic checking is enabled (downloading/installation is disabled), the self updating is performed. <- Option #3 in the AU settings.
If (automatic checking and) downloading is enabled, the self updating is performed. <- Option #2 in the AU settings.
If installation (and obviously checking and downloading) is enabled, the self updating is performed. <- Option #1 in the AU settings.
If notification of updates is disabled, no self update is performed unless the user runs WU. <- Option #4 in the AU settings.

So, the end result is, as I said before: If automatic updates are disabled, and the user does not run wuapp.exe, no update occurs.


Large networks use either WSUS or SMS to keep the computers up to date, individual PCs don't have any contact with MS servers. You don't think any system/network admins would have noticed "stealth updates" in the past few years??

While I think it has been blown WAY out of proportion, it's not very smart on Microsoft's part to change system files without the permission of the end user. I'm sure they just did it as a convince to the user, but it could potentially open a security hole even if it is only open when running wuapp.exe

This is just one of those things that MS should have let us known about.

Alathald wrote:While I think it has been blown WAY out of proportion

Ya Think?

Linux

I have my computer setup to ASK and NOTIFY of any updates. However, I got stealthed anyways.

Two of my computers got updates in the recent past and those updates messed up the machines. M$ has been known to put out sloppy update fixes without much testing in the past. Those things can hurt an end user when it hits their machine.

One machine had a patch and the MOBO didn't work right there after. On the other machine the NIC card would no longer work even after it was un-installed and re-installed.

Within the last two years, M$ had such a bad and sloppy patch that after it was installed, another patch went out to remove it a few days later!

I prefer to be ASKed and NOTIFIED of patches first. Then if the community as a whole doesn't have a problem with it, I'll update to that level.

With the stealth patching, I have no clue what's getting fixed or wacked. There is no update number to research the update to either. So, it's either a M$ Big Brother thing or an NSA Big Brother thing passed in some obscured National Security law.

stev wrote:I prefer to be ASKed and NOTIFIED of patches first.

You realize that windows update can't get patches in some situations without updating itself? So, you'd get notifications notifying you that you needed to update windows update in order to check if there are any notifications for updates for windows. And then after updating windows update to check for windows notifications, there may or may not be actual updates for windows.

Zelig wrote:

stev wrote:I prefer to be ASKed and NOTIFIED of patches first.

You realize that windows update can't get patches in some situations without updating itself? So, you'd get notifications notifying you that you needed to update windows update in order to check if there are any notifications for updates for windows. And then after updating windows update to check for windows notifications, there may or may not be actual updates for windows.

Yep. I understand that.

And when Windows Update needs an update itself, it will let you know it too. It's not a stealth operation either like this thread talks about.

Hmmmm,

This article has a deeper thought to what and why with the possibility of any user being compromised.

Microsoft: We're in yur drive, hacking yur system.

http://www.hardwarelogic.com/Staff-Blogs/285.html

"... Until Microsoft comes clean about exactly what they can and cannot do remotely to their OS's, the privacy of our data is suspect. Users can not be sure that MS doesn't have, at minimum, backdoor write access to their systems - actually, they CAN be sure that MS has that access - it was just used. And, if this access falls into the wrong hands, what then? Or, now seeing how MS's philosophy actually works, when will they decide to stealth install a little .exe that catalogs my system's contents and phones home with them under the rationalization that it's to "meet customer expectations" and better serve me?

I don't like the sound of that one bit.

Anyone read this in relation to stealth update? http://windowssecrets.com/2007/09/27/03 ... -XP-repair (found on digg)