eWeek Microsoft Watch
September 12, 2007 6:45 PM

Windows Update's Sneaky Updates



My eWEEK Labs colleague Andrew Garcia has independently confirmed a report that will appear in tomorrow's Windows Secrets newsletter: Windows Update is fetching and installing some updates without end users' consent.

Windows Secrets contacted eWEEK and Microsoft Watch earlier this afternoon about the discovery. Tomorrow, Windows Secrets' Scott Dunn will report that Windows Update has started "altering files on users' systems without displaying any dialog box to request permission. The only altered files that have been reported to date are 18 small executables used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC."

The Windows Secrets story can be found here, on Sept. 13.

The stealth updates do not appear to affect PCs using WSUS (Windows Server Update Services) the same way as those using Microsoft Update/Windows Update. Typically, Windows would give some notification before installing updates and, presumably, install nothing if Windows Update is disabled. But, in testing, Dunn found that Microsoft was updating Windows XP and Vista systems even when automatic updating is disabled.

"Microsoft is bypassing the normal automatic update control," Dunn told me this afternoon. "The problem is that users don't know that."

"From the perspective of businesses, it isn't a good thing," said Andrew Jaquith, Yankee Group program manager for Security Research. "Silent updates are probably against corporate policy and will definitely mess up whitelisting programs if those are installed."

Windows Stealth Updates
Windows Update starts on its own.

Dunn agreed and warned that stealth installations could undermine ongoing compatibility testing conducted by IT professionals. "To have this done behind their backs is disconcerting," he said.

We contacted Microsoft PR, but received no response before posting.

The testing conducted by Windows Secrets and eWEEK Labs uncovered the update scenario, which affects Windows XP or Vista.

Windows Vista offers four update options:

  • Install updates automatically
  • Download updates but let me choose whether to install them
  • Check for updates but let me choose whether to download and install them
  • Never check for updates

Windows Secrets discovered that Windows had updated files even with automatic update disabled. By comparison, eWEEK Labs found that several Windows computers set to automatically download and manually install had applied updates without end user consent. The two screen shots, supplied by eWEEK Labs, show a PC starting Windows Update and applying a patch without explicit consent. The computer had been set to manually install any updates.

The eWEEK Labs installations occurred on Aug. 23 and those for Windows Secrets on Aug. 24. Windows Secrets found that the stealth updates changed nine files on either Vista or XP, including (on both) wuapi.dll, wuauclt.exe and wups2.dll. The version of the stealth update is 7.0.6000.381.
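A check a defender could run to notice this kind of change, given here as an added example that is not code from eWEEK Labs, Windows Secrets or Microsoft: it baselines the Windows Update component files that Windows Secrets reported as changed and later reports any whose SHA-256 hash differs. The function names and the stand-in files created in `demo()` are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# File names reported on this page as changed by the 7.0.6000.381 self-update
# (union of the Vista and XP SP2 lists attributed to Windows Secrets).
WU_COMPONENTS = frozenset({
    "cdm.dll", "wuapi.dll", "wuapp.exe", "wuauclt.exe", "wuaucpl.cpl",
    "wuaueng.dll", "wucltui.dll", "wucltux.dll", "wudriver.dll",
    "wups.dll", "wups2.dll", "wuweb.dll", "wuwebv.dll",
})


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(directory, watched=WU_COMPONENTS):
    """Map each watched file present in `directory` to its hash and size.

    Names are compared case-insensitively, as Windows file systems do.
    """
    result = {}
    for entry in Path(directory).iterdir():
        name = entry.name.lower()
        if entry.is_file() and name in watched:
            result[name] = {
                "sha256": sha256_file(entry),
                "size": entry.stat().st_size,
            }
    return result


def diff_snapshots(baseline, current):
    """Report watched files whose content changed, appeared or disappeared."""
    common = baseline.keys() & current.keys()
    return {
        "changed": sorted(
            n for n in common
            if baseline[n]["sha256"] != current[n]["sha256"]
        ),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }


def demo():
    """Run the check against constructed stand-in files in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample content; these are not real Windows binaries.
        for name in ("wuapi.dll", "WUAUCLT.EXE", "wups2.dll", "notepad.exe"):
            (root / name).write_bytes(b"stand-in build 374 of " + name.lower().encode())
        baseline = snapshot(root)

        # Simulate a self-update: two watched files are rewritten with content
        # of the same length (so a size check alone would miss it), one watched
        # file appears, and one unwatched file changes.
        (root / "wuapi.dll").write_bytes(b"stand-in build 381 of wuapi.dll")
        (root / "WUAUCLT.EXE").write_bytes(b"stand-in build 381 of wuauclt.exe")
        (root / "wuaueng.dll").write_bytes(b"stand-in build 381 of wuaueng.dll")
        (root / "notepad.exe").write_bytes(b"changed, but not a watched file")

        return diff_snapshots(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

On a real system, point `snapshot()` at the directory holding these files and keep the baseline somewhere the machine being checked cannot rewrite.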

Susan Bradley, a vocal Small Business Server MVP (Microsoft Valued Professional), said she contacted Microsoft about the apparent stealth updating but received no real explanation.

Windows Stealth Updates
Windows Update installs update without end user consent.

"I'm concerned that people are expecting that the plumbing update like this should get a yellow pop up in the corner saying 'you have updates'; it doesn't work that way," she said. "But Microsoft has indeed been less than public about this MU/WU update."

In her testing, systems with Windows Update 7.0.6000.374—the version before 7.0.6000.381—that used WSUS did not receive the stealth updates.

"However," she expressed, "that still does not reduce the issue where Microsoft has had ample time to communicate via blogs or other means as to a) what this is; b) what it is fixing; and c) the expectation of how it's doing it."

I spent about an hour this afternoon reading various forum posts about the 7.0.6000.381 update. They varied from people finding the update installed without consent to WSUS not updating some systems to version 7.0.6000.381.

Another concern is privacy. Do the stealth installations violate the Windows EULA (end user license agreement) or Microsoft's privacy policy? I took a look at the Windows Vista version of both documents this afternoon. The Vista EULA is a 14-page document. A search for terms "update" or "consent" revealed no place where I could see that users explicitly give permission to Microsoft to download and apply updates without consent.

The Windows Vista Privacy Statement states:

"To make Windows Vista work better with the Internet, some features that do not collect personal information are turned on by default. You can choose to disable these features. For details about the information collection, uses, and choice provided by a specific feature or related product or service, please click on the link provided in the list on the right."

Windows Update is not in that list, but it is in another. But I found nothing in the Windows Update Privacy Statement explicitly giving permission to update without end user consent.

"Even if there is some fine print in the EULA, they're still being very Big Brother about how they're handling it," Dunn warned.

[Editor's Note: In its newsletter, Windows Secrets used "turned off" and "disabled" to describe Windows Update's behavior. On Sept. 13, we asked for clarification. Dunn said that Windows Secrets meant disabled, not turned off. Windows Secrets considers disabled to mean Windows Update settings two and three (see above list). A blog posted today by Nate Clinton, Microsoft's Windows Update program manager, confirms that Windows Update self-updates without user intervention when the setting is either option two or three.]


Comments (105)

Wes McGee :

Actually, Microsoft has always automatically updated "Windows Update" without user intervention, or even informing the user... this even goes back to the RTM version of Windows XP, though for some reason, MS's technical papers claim it was introduced in Service Pack 1. I noticed this when I had to reinstall XP RTM when I replaced a HD on one computer, and I noticed that even before Automatic Updates prompted to install any patches, its control panel changed to the one that premiered with SP 2. I'm surprised no one else noticed this until now.

GoodThings2Life :

Once again Joe, you disappoint me with your paranoid incompetence.

All it's doing is the scheduled automatic update cycle. Any time that happens it updates the AU engine as necessary.

Any time it installs an actual update it references the KB number of the update.

chips :

Going to surprise the Windows commentators here, and basically agree with them on Vista auto updates. Heck, it's in the EULA, MS is not doing anything illegal here, or even underhanded. They have been in front with what they were going to do with Vista, as far as protecting it from pirates. Sadly the legit users will be the ones to suffer, and eventually the pirates will not be able to run Vista, in time, because of the updates.

The point I think Joe is making is not being able to turn off auto updates as in XP, is not a good thing for the user, and I would agree with that. Losing a lot of freedom there. Would also point out that 30% of the USA is still on dialup. Those who run Vista auto updates with dialup, are looking at some long term pain, especially if they have multiple systems, with multiple Vista licenses. Cause unlike XP, where u could download the Service Pack or patches, here Vista will do it automatically for you on every computer, probably before you can get around to making that cd yourself.

MS has made auto updates mandatory, for users of Vista, partly to help protect it against pirates. They are well within their rights to use WGA and the auto updates mechanism to install updates that will further secure their system against pirates and protect their DRM scheme as well. While I have said that Vista is over priced, it still does not deserve to be pirated.

That being said, it sure gives one another reason not to use Vista.

Waethorns :

chips, don't you have something better to do, like reading Gutman's mysteriously absent slides?

Windows automatically updates the auto-updater without permission ONLY. It doesn't install standard software updates without following the auto-update policy set by the user.

Brian :

Can anyone tell me what happens if Vista is running behind a firewall router that selectively enables a few ports but not the one that Vista needs to contact the mother ship?

Bruno Faria :

Ok.. Joe Wilcox, i've been reading this site for a long time, but this is the last time i will read any of your news.. I'm deleting from my bookmarks, this site..

Enough, you simply don't know most of the times (90%) what you are talking about, you just look like you like to create speculation and hate for microsoft... :(

I miss Mary Jo Foley, she was a real reporter..

Oh but wait, i can i just have to edit this bookmark and insert zdnet..

I just don't know how your boss can be happy with you..

bye..

Pdiddy :

An example of MSFT missing what they could do...
http://weblog.infoworld.com/techwatch/archives/013777.html
" I understand Redmond's aversion to cannibalizing its Office cash cow, but the fact is that Redmond could own this new space if it wanted to. All it would need to do is push interoperability and integration between lightweight Web versions of Office applications and its desktop fatware. Advanced features would be absent from the lightweight versions, but the company could ensure any Office doc would load on the Web -- whatever new desktop service packs and upgrades might appear -- and online document management could be integrated with Windows for offline access."

"Of course, Microsoft may already be laboring mightily to make something like this work. Knowing the complexity of the company's licensing schemes, maybe it's crunching the numbers right now ? the free version, the not-so-free version, the doodads for a onetime fee, and so on."

So, let's get this straight. Microsoft "COULD" own the web space but... they can't get their licensing schemes straightened out?

So, what MSFT is telling everybody is they have the technology... that they've had it for years since they had to have it to do the early versions of WinFS, Longhorn and Viridian and all the others... BUT, they would rather delay and delay and delay ... until they can get their "licensing" straight.

Ha. Yeah, I would say so. Can't get their "Licensing" straight, right? So who do they need to "license" their technology from?

Many of you seem to be (deliberately?) missing the point: Microsoft is updating Windows components without the knowledge or consent of the user, even if that user has explicitly configured Windows to only download/install updates manually!

This is outrageous! Let's examine a few scenarios:

1. What's to stop Microsoft from secretly updating components beyond Windows Update?

2. What happens if/when one of these secret updates contains a bug that starts interfering with the computer (eg BSoD)? What if the affected computer is mission-critical (eg running your company's website)? Imagine trying to diagnose such a problem when you are unaware that an update even occurred - one of the main reasons why admins regularly disable automatic updates.

3. And what about the potential for abuse?

But, all that aside, why aren't people up in arms about the continuing erosion of your right to control your computer?

M J,

you may have missed the point. MS is updating Windows Update components while visiting the Windows/Microsoft Update site. These components are not updated via AutoUpdate if AutoUpdate is disabled. That's the whole "story".
And yes, that's nothing new. Windows/Microsoft/Auto Update checks for new versions for the relevant files on every access of WU/MU/AU. Have a look into the "windowsupdate.log" file.

Bye,
Freudi

uhura :

folks, stop calling joe wilcox a moron. and ENOUGH with the accusations that he doesn't do enough research. Those are all simply untrue.

He has a vendetta. It's that simple, and nothing more sinister than that.

Ben :

"chips, don't you have something better to do" - Waethorns
.
A quick look through the forums at Microsoft Watch will tell you that the answer to that question is: No.
As best anyone can tell, the guy doesn't have a job, he doesn't even have a life outside of anti-MS evangelism.

Lt. Uhura,

you've read http://technet2.microsoft.com/windowsserver/en/library/4de6a129-fbf1-41ef-b255-5510554713c51033.mspx
in the meantime? If not, it may be worth doing so now ;-)

Bye,
Freudi

Aaron :

I'll have to agree that this article is more scare than fact.

If you totally disable auto updates (don't have it check *at all*), then the service never runs.

If you *do* have it set to at least check for updates and notify you, then for goodness sake, of *course* the update service needs to be updated because sometimes it needs the new version of the updater just to check and see if your system needs anything else.

If you're like me and have automatic updates turned off entirely (for servers this is especially true), then you've seen the pop ups over and over to install the latest version of the update client when you manually go to the update website.

Thank goodness the desktops in our organization are set to auto update because I'd hate to have the users manually clicking "ok" to install the new update client each month before it could automatically do the rest of the installs. That'd be retarded.

Ben :

Oh, and while Joe has a job, it seems he also doesn't have a life outside anti-MS evangelism.
What I don't get about this site is this: Go to linux-watch and SJVN writes about Linux like it does things for him his girlfriend won't.
Come to microsoft-watch for a bit of balance and the boat tips over as Joe piles on the same side as SJVN!
Buy a protractor and get a different angle y'all!

Ron :

Joe , you wrote : "My eWEEK Labs colleague Andrew Garcia has independently confirmed a report .."


You are of no shame of taking other's hardwork. You should going out and grab your own news and market development by yourself .


You always publish and add more salt to other's reported news .


Please do run around the town and get your own news

Andriy Gerasika :

man, you post FUD about Microsoft :) e.g. using Microsoft favorite weapon against itself :)

so why don't you install Ubuntu and let Microsoft feed on the fish :)

William :

Dunn identified the changed files on Vista as wuapi.dll, wuapp.exe, wuauclt.exe, wuaueng.dll, wucltux.dll, wudriver.dll, wups.dll, wups2.dll and wuwebv.dll.

And on XP SP2, he said, the changed files were cdm.dll, wuapi.dll, wuauclt.exe, wuaucpl.cpl, wuaueng.dll, wucltui.dll, wups.dll, wups2.dll, and wuweb.dll.

These files were changed without the user's express permission. Is this too difficult for the Fanboys to understand?

GoodThings2Life :

To those arguing on Joe's behalf, you are wrong. On the contrary to your claims, you have to select the option to enable Automatic Updates.

You can go to Control Panel > Automatic Updates (XP) or Windows Updates (Vista) and turn the functionality off at which point it doesn't run.

You can even run the services management console and forcefully disable the AU service. (For the advanced users and truly paranoid / delusional).

One other poster said they were removing the bookmark to this site. I agree, and I am doing the same thing. Mary Jo Foley's blog is considerably more factual and intelligent.

Maddog :

Bruno Faria wrote: Ok.. Joe Wilcox, i've been reading this site for a long time, but this is the last time i will read any of your news.. I'm deleting from my bookmarks, this site..

Oh wow, another Micro$oft fan can't bear to take the truth about the Bully from Redmond. What can I say? Guess it'll just have to be: "Good riddance!"

Get real people. If you think that by shooting the messenger Micro$oft will look better, think again. There will always be people who will expose the stink in that company. The more, the better.

FooBar :

The article says: "The Vista EULA is a 14-page document. A search for terms "update" or "consent" revealed no place where I could see that users explicitly give permission to Microsoft to download and apply updates without consent."

Now, consider that each version of Windows has a different EULA, and Microsoft gives itself the right to change the EULA at their will.

And compare that with Linux, which license haven't change since 1991:

http://www.linux.org/info/gnu.html

In fact, the GPL is older than Linux!

Even if you consider the variety of open source licenses (Mozilla, BSD, etc), it's much better and stable than dealing with Microsoft terms and conditions.

rednival :

I'm not thrilled with this article. I think it raises some good points, and I do think there is reason to question Microsoft about this, but this story is alarmist. This is certainly NOT a "stealth" update. They call it a "stealth" update but then point to the system logs as proof that it occurred. That isn't stealth at all. Certainly there are other scary words you could use to describe this, such as "unauthorized", but they chose the word "stealth" to elicit as much FUD as possible.

Microsoft does have some explaining to do. When automatic updates are disabled, they should be disabled for everything, so I am not defending MS. I just think this article is written to be alarmist and has a clear agenda.

Tangential :

It will be interesting to see how publicly traded companies square this type of behavior with the controls they have implemented for compliance with the 404 parts of Sarbanes-Oxley (o/w known as "The full employment act for American accountants and auditors.")

It's going to be very difficult to say you have control of your systems when an outside company can come right in (pretty much regardless of your network controls, firewall, etc..) and change files on one of your computers at will.

Joe :

Ron wrote, referring to eWEEK Labs' Andrew Garcia's contribution to the story: "You are of no shame of taking other's hardwork. You should going out and grab your own news and market development by yourself ."

It's called teamwork, Ron. Collaboration, something Microsoft talks whole lots about its products enabling. We work together here, and I am proud of eWEEK Labs' contribution. We wanted to independently confirm Windows Secrets results, or not. I couldn't do it myself because my Windows PCs are set to download and install updates automatically. Windows Secrets identified a situation where Windows Update updated itself even when turned off. The responsible thing was to try and confirm the results were correct. A review of forums also turned up hundreds of posts questioning this update, between August 21 and 25.

Joe

Rick Newton :

I'd like to know what this update does, especially since WSUS clients won't be seeing this update -- why the distinction?

A fix should be properly disclosed, just like any flaw should be properly reported...

Why hide the update? It bring suspicion to what really be a benign fix... Poor thinking...

Ben :

If true, this is worrying but equally easy to fix. Go to your control panel, admin tools, services. Select the Automatic Update service and change from automatic to manual. This will at least give an element of control back to the user who can choose to run the service or not. If this doesn't work.... pull the plug on yer internet connection! ;-)

BOBc :

Response to the above posters(mostly):
If you think installing something behind the back without notification is O.K. you need to check for an update to your civil liberties archive. This kind of thing is the reason I switched over to Linux OS. I was tired of Microsoft's underhanded installation policies and poor notification, when they did present it. Not to mention updates like this usually can be exploited, meaning that a hacker or virus programmer could in theory automatically install or bypass almost all firewalls and anti-virus software to gain access to your hardware and files.


To everyone who has half a brain(can burn a CD) and uses Windows of the people above, use Linux(My personal preference is Ubuntu with WINE. It's about as secure as you can get, and if you compile/install it yourself it costs you nothing but the bandwidth to get it. The community designs it supports it and checks itself, there is no unilateral decisions to install software on my hardware without giving me proper notice. Not to mention Linux has a open source version that is equal to or better than anything there is for windows.

Finally, for those of you who think updates like this are going to stop software piracy, you are very mistaken. Last time I checked there was copies of windows out there pre-validated windows that their "security services" couldn't even tell the difference between.

The reason Microsoft is targeted so heavily that they pull these kinds of stunts and it finally disgusts someone or rubs them the wrong way. Sometimes these people happen to be programmers that know more than the techs at Microsoft ever will. If they presented information more openly(significantly more than they are now) I can almost guarantee that the amount of "hate" for Microsoft would go down substantially.

Brian :

I had windows updates set to download but not install and they were still installing. I then completely disabled auto update. I'll have to go see if MS is still updating my computer even when I've told it not to.

n0ne_n0ne :

Simple solution;

"GNU/Linux"

Free yourself from mental slavery, only you can free your mind.

Chris :

Wow!! I never realized how many people have nothing better to do with their time than to fly into attack mode over just about anything that does not agree with their IT "world view". Here's a couple of suggestions.

1) Consider that this column is just one of many sources of information on a particular subject and just like any other journalistic product can be a vehicle for not only the facts but also for the opinion of the writer. Take it as such and move on.

2) Get a life.

herb :

> Windows Secrets contacted eWEEK and Microsoft Watch earlier this afternoon about the discovery.
> We contacted Microsoft PR, but received no response before posting.

You mean, Microsoft didn't respond since this morning? Lazy bastards!

Mike :

It's nothing I wouldn't expect of M$.

Even the updates you know are coming are usually
a problem.

For instance, one update I did on my Win2000
system ( yes I still use 2000, I won't spend good
money for an update to XP or Vista )resulted in
my Firefox browser not working, IE worked, Firefox
just gave errors and crashed.

Thanks M$.

Matt :

Chris: It's more fun for people to jaw off and make a big fuss. The sheer volume of anger and vitriol in some of these posts makes me wonder if they're not connected to Microsoft somehow. Everyone's so quick to discredit the article...

Tornado :

Wow, the comments of those brainless M$ supporters shock me.

Have they gone thru all the Y2K issue with M$ NT4, 98 or ME? Did they know anything about the Root kit issue last year? Could you imagine one day you wake up, internet no longer works as M$ updates your IE to ver XX without consent?

uhura :

sounds to me like joe got caught up in a windowssecrets PROMOTION. Or am I the only one that noticed that windowssecrets PAID to put out a PRESS RELEASE (through their PR agency Revell-Pechar, Inc.) today. Find it at http://www.marketwire.com/mw/release.do?id=769392

Hey Joe, I hope you get a cut for each newsletter they sell. Otherwise, you got p0wn'd.

LOL at the big-time reporter wilcox, who got used as a free revellpechar.com tool.

n0ne_n0ne :

yeah, yeah, yeah!

Shoot the messenger! It's the way he said it ..., yeah, right, good shot shills.

Abba Bryant :

To the fanboys criticizing the author of this post and the work revealed by windows secrets...

If I agree to an EULA that does not specify that the software or service is allowed to modify files on my system unless I allow it to.. and then the software enables a prior disabled service and installs and changes files on my system despite my clear choice to disable such functionality.. that is not only dishonest and potentially hazardous but also potentially illegal.

By reserving the right to change the EULA at any time they are also required to get your new consent to abide by the new terms prior to making any changes to software or services outlined in the EULA. Nowhere did I see any information about anyone agreeing to a new EULA prior to these updates occurring.
This is potentially criminal intrusion onto the end user's network and filesystem. IANAL but just for the people out there who might criticize my opinion - I did just get off the phone with a close friend of mine who *IS* an intellectual property and contract lawyer. He is aghast at this behavior and is reviewing the EULA's offered by MS as I type this for me.

To the linux fanboys advocating a switch to *nix of some sort.. that isn't always possible and in many cases is simply impractical. As the dominant market leader MS should be held accountable for their actions. Encouraging users to run away from windows is possibly a good thing but also simply sweeps the issue under the rug.

If you run a number of private networks ( as I do ) then you also know the hassle of whitelisting network access. When files change without my knowledge it creates a costly hassle for myself and a loss of time and productivity for my users.

It would be a simple solution for MS to abide by my system settings and simply let me know that without a MS updater update that I would be choosing to miss out on further updates. I could then *choose* to update the OS I *licensed* and *paid* for at my own discretion.

Just my $0.02

Abba Bryant :


Ben :

If true, this is worrying but equally easy to fix. Go to your control panel, admin tools, services. Select the Automatic Update service and change from automatic to manual. This will at least give an element of control back to the user who can choose to run the service or not. If this doesn't work.... pull the plug on yer internet connection! ;-)


If you had read the entire article and the referenced material you would have seen that your AU service settings are not relevant as the updates happen anyways regardless of the settings. Apparently updates to the AUS and WGA services aren't mandated by the AUS settings.

Joe, GoodThings, Ottmar, Aaron, did you not read what Windows Secrets found: AU updates itself even when the service is turned off. Shouldn't off mean off?

I'm sure AutoUpdate isn't turned off completely and yes, while you visit the Windows/Microsoft Update site with AutoUpdate turned off, the WUA searches for self-updates which is nothing more but normal. Guess what "Windows Secrets found"? The way it has been for years and is well known. Have you read the Technet article? No? It's time to do so. Next time some will post an exhausting article about circles found being round.

And no, I'm not connected to MS anyway but a somewhat experienced user of Windows (among other OS) which doesn't find it amusing posting such an incredible [selfcensored] article documenting the [selfcensored] state of knowledge of the author. Seems to me, the article has been posted to confuse and attract anxious Windows users - and create traffic on the sites linking/citing the FUD.

EOF,
Freudi

Bruno Faria :

Maddog, yes I'm a big fan boy for Microsoft..

I'm a MCSE, and get paid for working on windows networks..

But wait i must be a traitor in Microsoft cause, because i also have a Mac notebook, have 2 linux distros running at home, and i know what are the strongest points of each OS and use and recommend them in that way..

Oh boy now i must be a Mac fan boy or wait maybe a Linux fan boy?

Kid before you make accusations, know your facts straight, i am not a 14 or 15 years kid, who uses the internet to make flame wars or bullying..

Wes McGee :

No Ottmar, the WUAUCLT client doesn't only update if the user goes to the Win Update website. No, it automatically compares its version to what Microsoft's servers report as the latest version. If it finds itself to be out of date, it will update itself.

That said, I think I understand kinda why they did this. There was a major bug in Windows Update where checking for updates would hog all system resources and make it impossible to use the computer. It crippled my old desktop, and I had to start working more on the Mac Mini and my newer HP notebook. This was part of a two piece update to make sure Windows Update didn't resource-starve your computer. I suppose they might have thought it was better to force the update because many people turned off AU because of this bug. It's still a shady practice.

Wes, No Ottmar, the WUAUCLT client doesn't only update if the user goes to the Win Update website. No, it automatically compares its version to what Microsoft's servers report as the latest version

Sure, if AutoUpdate hasn't been disabled.
http://technet2.microsoft.com/windowsserver/en/library/4de6a129-fbf1-41ef-b255-5510554713c51033.mspx
has been posted at least three times now. Maybe one should consider reading it before posting. Sounds like a good idea, doesn't it? ;)

Bye,
Freudi

Tornado :

"The way it has been for years and is well known."? You should study what have been installed in your computer before asking people to check with technet.

It is a common understanding that a software company should not install updates in any program/computer without informing the owner. Even as big as M$, they will make mistakes: they publicly announced that NT4 SP4 is Y2K compatible in mid 1999 and actually even NT4 SP6 is not 100% Y2K compatible.

Could you imagine if they made a mistake, how big the trouble would be and who should take the responsibility?

Tornado, "The way it has been for years and is well known."? You should study what have been installed in your computer before asking people to check with technet.

I'm not asking people but some commentators and the author(s) to just do it. Did you? I did and yes, I know what's running on my systems and yes, it is normal for an update mechanism to update itself.

Have fun,
Freudi

Next try to reply to Wes' comment:
No Ottmar, the WUAUCLT client doesn't only update if the user goes to the Win Update website. No, it automatically compares its version to what Microsoft's servers report as the latest version. If it finds itself to be out of date, it will update itself.

True, but with AutoUpdate turned off and not visiting Windows/Microsoft Update (nor the Windows Update Catalog site), it doesn't update itself.

Bye,
Freudi

Zombie kid :

I like turtles.

Ladies and Gentlemen, please settle down and forget about this article and feel free to read
http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx
instead.

What now, Joe?

Bye,
Freudi

roger :

Thank God, Scott "tin foil hat" Dunn finally found the "fine print" that explains this.

Please feel free to read
http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx
a direct response to the article here.

Bye,
Freu"Second try again, thanks Joe"di

I didn't read through all of the posts so I apologize if I missed a change in tone of the thread.

I am AMAZED by the level of acceptance what MS is doing here. I manage 5 production servers that are located at a hosting company and as such are not behind any firewall beyond their own. While some people believe it is best to turn on automatic updates in this case I am not convinced. What really concerns me is someone hacking the update system and installing some software that will do irreparable damage to my clients' data.

For this reason I leave these servers with the configuration "Notify me but don't automatically download or install them." I ASSUMED the servers would be safe in this configuration but obviously MS has a back door into my system which I can't remove and is a potential security nightmare.

Someone here said it is obvious that MS needs to update the windows update software so that it can deal with new updates. This is ridiculous. Since the updater can download ANY code there is no limit on what the updates can do. They could provide the update to the updater as an update instead of forcing it down my throat.

One more reason to change to Linux!

MS's direct response to the inaccurate articles spreading about "the issue" which isn't any:
http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx

Windows User :

Quote from MS' MU blog:
Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates.

Nuff said

BSD Guy :

I invite the excuse makers to MD5 their system files and log their IP connections.

They will find that system files are changed after connections from IPs that belong to MicroSoft.

This sort of thing is why we don't use any MS products for any proprietary or financial systems.
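
The file-hashing half of the check suggested in the comment above, as an added example that is not part of the original thread. It uses SHA-256 where the comment says MD5, watches only the Windows Update file names that commenters mention on this page, and runs its demo against constructed stand-in files in a temporary directory rather than a real System32.

```python
"""Baseline-and-compare integrity check for Windows Update client files.

Added example, not from the original thread. The sample files created in
demo() are constructed stand-ins, not real Windows binaries.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path

# Names mentioned in the comments on this page. The article speaks of 18
# files without listing them, so extend this set for a real check.
WATCHED_NAMES = frozenset({"wuauclt.exe", "wuapi.dll", "wups2.dll"})


def hash_file(path, chunk_size=65536):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(directory, names=WATCHED_NAMES):
    """Map each watched file in `directory` to its hash, size and mtime."""
    result = {}
    for entry in sorted(Path(directory).iterdir()):
        key = entry.name.lower()  # Windows file names are case-insensitive
        if key not in names or not entry.is_file():
            continue
        try:
            info = entry.stat()
            result[key] = {
                "sha256": hash_file(entry),
                "size": info.st_size,
                "mtime": int(info.st_mtime),
            }
        except OSError as exc:
            # A locked or unreadable file is recorded, not silently skipped.
            result[key] = {"error": str(exc)}
    return result


def save_baseline(snap, path):
    Path(path).write_text(json.dumps(snap, indent=2, sort_keys=True))


def load_baseline(path):
    return json.loads(Path(path).read_text())


def compare(baseline, current):
    """Classify every watched file by what changed since the baseline."""
    report = {"modified": [], "metadata_only": [], "added": [],
              "removed": [], "unreadable": []}
    for name in sorted(set(baseline) | set(current)):
        old, new = baseline.get(name), current.get(name)
        if old is None:
            report["added"].append(name)
        elif new is None:
            report["removed"].append(name)
        elif "error" in old or "error" in new:
            report["unreadable"].append(name)
        elif old["sha256"] != new["sha256"]:
            report["modified"].append(name)      # content really changed
        elif old["mtime"] != new["mtime"]:
            report["metadata_only"].append(name)  # same bytes, new timestamp
    return report


def demo():
    """Build constructed files, baseline them, change them, and compare."""
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)  # assumption: stands in for %SystemRoot%\System32
        for name in WATCHED_NAMES:
            target = folder / name
            target.write_bytes(b"constructed build .374 of " + name.encode())
            os.utime(target, (1_000_000_000, 1_000_000_000))
        baseline_path = folder / "baseline.json"
        save_baseline(snapshot(folder), baseline_path)

        # Simulate a silent update: new bytes, a touched file, a missing file.
        (folder / "wuapi.dll").write_bytes(b"constructed build .381 of wuapi.dll")
        os.utime(folder / "wuauclt.exe", (1_190_000_000, 1_190_000_000))
        (folder / "wups2.dll").unlink()
        return compare(load_baseline(baseline_path), snapshot(folder))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A timestamp-only change is reported separately from a content change, so a file whose date moved but whose bytes did not is not mistaken for an update.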

Jay :

Wow, Ottmar Freudenberger your complete acceptance of this has utterly amazed me.

This is a huge security hole! How can you not see this? If you disable the AU service, NOTHING should automatically update itself. Period!

This could be exploited by an attacker to install and run arbitrary code. You obviously don't know anything about security... though, that's not surprising for an MS fanboy.

Jay, Wow, Ottmar Freudenberger your complete acceptance of this has utterly amazed me.

Fine. You've read the MS's MU Blog entry linked to above? Fine. You've read the MS Technet article too? Fine again.

I'm sorry to disturb your picture of the world, but I'm no MS fanboy at all. And no, don't worry, neither I nor MS is going to invade you - although that (at least I) may open your mind (ooops) and reduce your obvious paranoia.

Bye,
Freudi

concerned :

Can someone who knows post the dns names and IP addresses that Microsoft uses for Windows Update? I intend to block those IP addresses in my router and point those dns names to 127.0.0.1 in my dns server, except when I'm explicitly intending to apply updates.

Joe :

To Ottmar (and others): Please feel free to e-mail me if you use links in your comments. The blogging system automatically puts comments with links in a "pending" queue. As such, your comments got hung up for a few hours, Ottmar. I only check several times a day.

Thanks,

Joe

Marco :

Excellent report Joe.

"Our computers belong to us, and therefore, we are ones who decide what to do about them, whatever the outcome. Not Microsoft (no excuse is valid)".

Your report talks about something we were suspicious about all along, due to strange behaviour in our computers, but we did not have the chance to test it or analyse it and/or we put the blame on the software complexity (now thanks to you and to people like you, it can be proved these suspicions were well based).

In my case, based on the above said (computer strange behaviour), I disabled updates from Microsoft and only enable them when I have the appropriate time to thoroughly check what is actually going on.

Regarding my browsers, in Internet Explorer I have disabled most ActiveX controls (Internet options, Programs, Manage Add-ons). I make very occasional use of it; normally I employ Mozilla Firefox (one of the reasons why many people use Mozilla instead of Internet Explorer is because they feel stalked). I have taken very similar actions with Windows Media Player.

Since I have done this I have not had this kind of problem anymore. The current problem I am struggling with is that wuauclt.exe slows down my computer for a few minutes after being booted, when I have disabled Microsoft updates.
---------

Obviously, here the bottom problem has been solved a long time ago, "The ends justifies the means?" and the response is known by everybody. (perhaps not, but in case of lack of knowledge, enough common sense then)
Although think about this is MS's problem (and totalitarianism's too.)
------------

Others Opinions:
"If this turns out to be true (and I want to make it clear that I’ve not confirmed this) then this will be a very serious betrayal of trust on Microsoft’s part. Not only is it hard enough to keep track of changes done to a Windows installation as it is, but if Microsoft (or other companies) start updating systems without consent, this will lead to all sorts of trouble."

woody :

Windows update contains code that determines whether updates need to be applied. If you choose to be notified that there are updates that you require, the update code itself must be kept current.

The solution is very simple: if you don't want to have windows update check your system for the latest patches, turn windows update off.

Drew :

Setting a service to manual is not the same as off, disabled is off. It would be interesting to see if they conducted these tests with the service disabled rather than manual, which means it has the permission to start via user or process.

There is no technical reason not to allow MS to update the update service, especially if the service is not starting.

It gets quite tiring hearing that I am a sort of slave or drone because of my OS choice.

Having deployed and managed more servers than anyone posting here it would be interesting if people started to focus their debate on real technical data rather than the religious ones.

Alas finding someone with actual technical knowledge gets more difficult all the time.

_drew

PS A network of 1000 servers and 4000 clients is few, but challenging when it grows from 50 in 4 years.

Russ Haft :

The fact that a mechanism exists for Windows Update to modify code on a "non-participating" client opens the door for serious problems on 100s of millions of Windows machines. The greatest problem is one of potential abuse by disgruntled MS employees, ex-employees, or capable hackers who have already shown they will spend the time and effort to do as much harm to anonymous networked machines as possible. It is unacceptable to have an open port to the Internet regardless of a user's configuration. Microsoft somehow feels they can extend their operating system license so that they have access to a user's machine even if the user wants to be left alone. This is seriously poor judgment on the part of MS.

Windows does ignore update permissions. I was notified of an update and denied permission. After a couple of minutes, it updated anyway. This happened with the "malicious software" update.

Timbo Zimbabwe :

The funniest part of all of this is while y'all sit there and type your "hateful screaming", you look like idiots with all the bad spelling and grammatical errors. I could give a flyin' **** what kind of certs you have, illiteracy makes you look stupid regardless. Take out a loan and buy a clue.

Jim Kennedy :

Look, how else can Microsoft force installation of Win XP updates so as to introduce little irritants such that users will be persuaded (forced?) into upgrading to Vista. And of course, they will do the same as regards Vista down the line to "gently" push their next OS.

What part of Microsoft's business plan don't all of you understand?

Jim K, MIT Class of 58, one year shy of a half century of computers, this stuff is so new.

Bill :

Drew: "A network of 1000 servers and 4000 clients is few ..."
Wow, that's a serious client/server ratio! Last time I managed a Windows environment it was 250 servers with 10,000 users. Later I had a cluster of 14 servers satisfying a peak population of 175,000 users. Mind you, that was Solaris, a different world to what you are used to.
/B

Don Thompson :

This is how wars start. And like lots of wars, I am at a loss to comprehend the problem. Perhaps I'm dumb.
As I understand it, Windows Update (or MS Update or whatever) has 3 options: Off, Get But Don't Install and Get and Install. If I choose Get But Don't Install and the updater itself is out of date the updater will self-update in order to complete my Get But Don't Install request. OK, I can live with that because if it can't self-update it can't Get.
If I choose Off, nothing happens; and it goes without saying that if I choose Get and Install it will Get and Install whatever it finds amusing.
My point: What's the problem? Even at home I choose Get But Don't Install so I can see (ok, guess) if the updates will screw anything up. At work we give it a shot on typical configurations and test. No issues with that.
Am I worried about p-o-ed MS employees? Why? If I were one of them I wouldn't use update. My bombs, back doors, trojans and whatever else would be deep inside the OS. I'd stay up nights decompiling BIOS code from major pc manufacturers so my OS changes could change the BIOS.
Is someone doing that? Maybe. They may also be tapping into the traffic control cameras of major cities and following me around. Maybe Motorola is watching me from a satellite 'cause I have a Samsung cell phone.
I prefer to spend my worrying on whether or not I can pay the mortgage or what has been deemed safe for me to eat that might not be. Battle on.

Just use the computer... enjoy the computer...
be happy you don't have to write the op-sys
like we had to in the old days. what we have is truly amazing!

Happy W2000/Kubuntu User :

Since I helped make it run, I am happy with W2000 aka NT 5....Because I know what is in it...

If I want flash & dash, Kubuntu AMD64 will do it for me.

Uh, you may want to check out COMODO Firewall and CHOOSE who can " Phone Home "..I do...

Lawrence D'Oliveiro :

So why exactly is Dimdows Update unable to see updates if it is not itself up-to-date? Is there something about the protocol or formats involved in updates from Microsoft that keeps changing, that requires Dimdows Update to be continually updated?

Because, for comparison, no Linux system I'm aware of has this problem. It doesn't matter if your apt or your yum or your emerge or whatever is an old version, that doesn't stop it getting hold of any other updates for your system. That's because the basic package and repository format doesn't need to keep changing.

mike brue :

About 2 months ago, two computers in my office running Windows XP stopped allowing the other computers in the office to open Word Perfect 11 or Word Perfect 12 files from other computers running XP or Windows 2000. The files can be copied to a memory stick and loaded from the stick without a problem. Has windows disabled the ability to access these files? There is no problem with Word or Excel files.

Mike Bruce

NA :

I understand that the AU needs to be updated to be able to see new updates. But if the AU detect that it needs to update itself it should inform the user about the situation and let the user decide if and when to update the AU.

This way it would work just like a normal update and is much better than just doing a stealth upgrade.

I just don't see why an AU update should behave different than any other windows update?

Mike :

Having worked at Microsoft, I can tell you three things:

First, if it was up to them they would have everyone use their code off their servers on a pay per use model. They are working that way as I write.

Second, read the EULA agreement; some idiot in the past allowed software companies to float these agreements to set precedent. Too late now. They own your software and only "rent" it to you so it isn't that big a jump to doing whatever they want with it and to you.

Third, Linux is better, really it is once you get past the snobby culture and the steep learning curve.

Brian :

I am frankly appalled at how many people who responded to this article who simply missed or cannot understand Joe's point. Even if you DO have Update turned completely off, it will STILL change files without asking you. And for those who say "Well it has to update itself" I say you need to take a fresh look at your own thinking. Updates are determined by simply checking a Date. Anything newer than your version is by definition an update. Actually, it would be interesting to manually change the date of those affected files, and see if it will still replace them. Now THAT would be truly scary. But I would insist MS ask my permission before installing any new files, when I have the Update thing turned off. Having had some small experience with corporate images, the people who design them are very sensitive to ANYONE changing the files, once the image is certified. It is beyond the pale for MS to essentially tell every Windows user in the world, "Never mind what choice YOU made about updates, WE know better than you and will install updates to any file we please, without asking you for permission". This reminds me about the OOXML voting. Yes, Yes with comments, Abstain, and No with comments. What about NO, over my dead body ? I hope MS did not get to choose the possible answers to that question.

Larry Weiss :

I find it outrageous that Microsoft does this. My system (Win XP SP2) was set for no patches or updates at all and I'm still getting them (the yellow shield in the taskbar). Then when I ran pareto xsoft spy it tells me that this update is a security risk and quarantines it. Something going on here that I don't like.

I-Man :

First it's stealth operations put in place by Ozzie... now it's stealth updating?

Waethorn :

"As best anyone can tell, the guy doesn't have a job, he doesn't even have a life outside of anti-MS evangelism."

ya, you know, cuz when Big Tobacco lets you go, working for the FSF is the next best lobbying job you can get.

Think About it :

You boys need to apply some gray matter to this issue. When you attack an issue based on your feelings for the person presenting the issue, you are making ad hominem attacks - a thoroughly unsubstantial complaint. Either what he said was true or it wasn't. Then you need to see if it is relevant or not.

In this case, whether he loves or hates Microsoft and/or their products, what he said is true. Then you must decide if it matters. All they have found so far is that the eighteen files that control Windows Update change despite their attempts to block that from happening.

Now I would assume that Windows Update, including the files that control it, do not interact with other parts of the system. Its job is updating. Since it doesn't react with anything else, compatibility shouldn't be a problem. It is basically just keeping itself current. Since it is an area that would be vulnerable, that is, it talks to the Internet, then it is paramount that it be up to date all the time.

Personally, I think Microsoft's assumption was "reasonable". Their assumption being WU is a separate process from Windows thus does not need user permission to accomplish and that it should be done as quickly as possible considering the risk involved in leaving these files unpatched.

Tired of it all :

Well that does it. This violates federal banking guidelines, therefore MS will lose considerable business, including ours. We decided at my company not to implement Vista until at least 2009, and now we will seriously consider changing platforms to mac or linux at that time.

curtegg :

Sure MS has the right to make updates to their OS. But they have to disclose it. Which in this case they did not. This is ripe for a class-action lawsuit.

Linux vendors and Apple always disclose their updates and never do anything silently. Also, if you turn them off the system will remain unchanged until you re-enable it.


Apparently, MS doesn't feel this way.

MarvinK :

If there is a bank using Windows Update (instead of WSUS or a patching service), they probably should find something other than Windows. This update doesn't affect corporate users who patch with an enterprise solution.

Wait till the active military Chinese hackers have a field day exploiting this feature. Those XP/Vista updates can pass anything into the millions of computers easier than you think. Bankers, be aware.

hate ms :

just enjoy the rape. thanks to ms and bush we have to take it and then if we don't say we enjoy it, they will toss us in jail. grow up people, they run us and you better say thanks!

George Kincer :

The only reason you can't call this a bit of Spyware with a Trojan is because it was written in to the original code. But the effect is the same and it will, now that it is public knowledge, be on the exploit list of every hacker in the world. "Now let's see what it takes to trick any Windows system into downloading 'mypatch.dll'." Do you think that you could get it to broadcast or hide in a podcast?

Pepe :

After reading the Microsoft technet blog that Ottmar has cited, I have to conclude that this is yet another instance of Joe Wilcox sensationalizing a nothing story, jumping in with both feet and raising all sorts of accusations without doing thorough investigation, simply because it gives him the opportunity to paint Microsoft in a bad light.

Joe, why do you cover a company that you despise so much? Can't you find something more rewarding to do? It seems it would be more enjoyable to cover a company that you like. Well, I guess you get a kick out of trying to tear down Microsoft since you despise the company. But at least do some investigation before reporting your drivel. Or do you simply not care that your reputation is a joke and that nobody thinks you have credibility regarding Microsoft stories?

Even those that, like you, hate Microsoft, *know* that your anti-Microsoft tirades are from a Microsoft hater and therefore carry little weight, even if those haters do cheer you on.

Here's a clue: Before reporting a story like this, at least bother to get both sides of the story and report both sides. Simply saying, "Microsoft didn't respond within the afternoon that we contacted them" isn't enough. You should give the accused at least 24 or 48 hours to respond before you run with a story like this that only has one side presented.

When I broke the seal, I surrendered to Microsoft.
I have been treated to MS brown box software, a master bata to keep if I contributed to debug the wireless portion, always at an implied right of Microsoft to rule. So no surprises to me! If they upload or download, go right ahead. ( if you do not z data store, you do not know what is going on ) In General ***** MS. a. one small point, the purity patch against bugs, needs improving. I've used 3rd party cleaning tools and pulled some nasties embedded in WMVs and other free downloads.
I for one will help MS and their efforts to bring a better product to market. That said, I respect the right of the author, ( complainer ) here to be heard and respected as a power user. He is only championing for a secure corporate computing system. ralph g.

JHigh :

Think About it-- you said " Either what he said was true or it wasn't. Then you need to see if it is relevant or not."

I like your post. To save time though, I usually determine whether something is relevant or not before I worry about whether it's true.

ko77 :

I am not the computer geek that most of you are, so doing anything to my computer that I do not understand gets me worried.

For example. I have ZoneAlarm Security Suite. It asks me if I want to allow certain things. In the last 6 to 12 months, when I want to open a file or do a task in Microsoft Office, ZoneAlarm alerts me that Microsoft Office (or one of its applications) is trying to access the Internet? What for? Why is it anyone's business? I cannot even do my Microsoft Office tasks unless I connect give permission to allow Microsoft Office to access the Internet.

Another example. Sometimes I just need a temporary distraction from the tedium of computers, problems with computers, or just life. So I play a quick game of "Free Cell". So, intermittently, "Free Cell" wants to connect to the Internet via Internet Explorer. If I say no, via ZoneAlarm, it ceases working and closes. If I go to it again, it is fine, until the next episode.

These things only happen with Microsoft related software. So I assume Microsoft is the source of the problem? "What the hell are they doing?" I never gave Microsoft permission to do that I know of.

Anyone got some answers? Or is this behavior just another form of information gathering "spying" that I do not want them to have? Haven't seen an article, blog, that answers this phenomenon.

ko77

PMC :

So how can the updating of Automatic Updates be a SECRET if Microsoft writes every update into the Event logs?

And what constitutes "ignorance" by the user and what constitutes "unauthorized" updates when in fact use of the Automatic Updates was probably agreed to twice by a user of the machine?

How many angels can dance on the head of a pin?

Frank J. Doyle :

FYI Checked my W2k SP4 and found both wuapi.dll and wups2.dll were Created 12/18/05 and Modified 7/30/07. Both were the version noted ( ... 381 ? ) in your report. Am not sure how they were installed. I have kept the "Uninstall update" files in Control Panel add/delete files.

Snake :

I just checked my own system (fully legit copy, XP Pro SP2). I have Auto Updates turned off.

...I'm still at v .374 ^_^ No forced update here.

LA-backdoor :

This is bad, very bad and anyone who defends this is an obvious 'Micro$oft Bigot'. Don't tell me I have to go to a 'Micro$oft' source to read the truth. I still remember the GPF Protection Faults and the Windows 95 'Blue Screens of Death' with Windows (the application that ran on DOS) 3.1 and Windows 95 (Micro$oft's first operating system).

Did you 'attempt' the GPF troubleshooting guide presented by Micro$oft to supposedly 'fix' this problem? I did when I was the System Administrator for a telco and at 2 1/2 - 3 hours per attempt, attempting no less than 3 times and not having any success I threw the Micro$oft GPF Troubleshooting Guide in the trash where their operating systems belong. We had 'paid' Micro$oft support and they were completely 'mum' (i.e. Silent) on the issue. (i.e. They knew they could not fix it and they were not going to try, but they were willing to let you waste your valuable time to attempt fixing it in vain - I still think it was poor coding, poor memory allocation, but have no proof, nor do I care at this point... as they would not even acknowledge that they had a problem besides that 'useless' GPF Troubleshooting Guide.).

Now you want me to use any 'Micro$oft' source and expect a 'straight' 'honest' answer, lmao you must be crazy!

Someone wrote, "The only reason you can't call this a bit of Spyware with a Trojan is because it was written in to the original code. But the effect is the same and it will, now that it is public knowledge, be on the exploit list of every hacker in the world. "Now let's see what it takes to trick any Windows system into downloading 'mypatch.dll'." Do you think that you could get it to broadcast or hide in a podcast?"

Well I know how to compress executables into images and look at the problems with .pdf files that everyone relies on... so could your system be 'tricked' into downloading, extracting, executing a file ... MOST DEFINITELY! I can't believe anyone thinks this 'cannot happen'.

It has happened, it does happen, it will happen again! Wake Up!

Joe is not an alarmist, he is pointing out the facts (that many don't want to acknowledge), and just because they have been able to do this for a long time, does not make it right, nor does that make Joe wrong. Okay you have established that this has happened for some time - it is still 'wrong'.

My next search will be to see what Trojans and viruses can be hidden in the update files, not that it matters, as any 'unauthorized' downloading of files without permission is a 'violation of trust'.

How many times do you have to be burned and your TRUST violated before you stand up for yourself and say NO.

Thank you mam, may I have another...

Message to Micro$oft: Your vain attempts to 'force' me to upgrade to your 'new' OS because that is the 'only' source for a 'device driver' for some third party app that I would like to run has worked I am officially switching to Linux with my next paycheck....goodbye Micro$oft and any other company that 'attempts' to 'force' me to use their latest and greatest products will meet the same fate.

I choose to retain my 'right to choose'!

As a System Administrator with IBM Mainframe Operating Systems, DOS, Mac, OS/2, Windows 95, 98, Unix Solaris, Linux, Windows 2000, operating systems experience (in that order) over 25+ years, I already know which servers were 'down' almost every morning when I came into work and checked my company's servers...yes they were your servers (Micro$oft) and the Lotus Notes servers, rarely OS/2 (except with the Lotus Notes servers, as they ran on top of OS/2 - haven't used that in years) and NEVER Solaris or Linux (only when we brought them down).

That is what I like, a system I can count on to do what I want it to do, when I want it to do it. It just makes my life easier and helps me to focus on making my business more profitable. If I have to become 'anti' Micro$oft to become profitable, I will do that, as I too want to put food on the table for myself and my employees!

Another point, forcing ever increasingly expensive MS OS (and Micro$oft Office) upgrades does not make my business more profitable. That Micro$oft Office application is really getting more expensive isn't it!

To the person that had trouble with computers not loading WordPerfect files, yes Micro$oft wants you to use their products, plain and simple and they don't plan to give you a choice. There are too many examples of Micro$oft doing this in the past to post... The company I am consulting with has already had problems with this and Vista, it sucks! (Wait until a user of an older Micro$oft OS at home, cannot work on and share work related files with their colleagues at work using the newest Micro$oft OS, this is happening now with Vista!)

You used to be able to count on 'backwards' compatibility, not with Micro$oft, not any longer.

Just wait until you cannot access your 'data' files for your business because Micro$oft has decided to force you to upgrade before you do...then tell me who is controlling your day to day business decisions. At the end of the day it better be you or you are screwed! (One financial application (not MYM, the other one) did this to their users, many of them CPA (accountants), after attempting to upgrade and 'try' the new version of the product, they decided 'not' to avail themselves of the opportunity to upgrade, little did they know that the 'upgrade' attempted had 'corrupted' their files. I use the term corrupted, as when they reinstalled the old version, the old version could no longer access the data files.)

It has happened, it does happen, it will happen again. That does not make it right!

How many times are you going to allow your TRUST to be usurped and violated before you say, NO MORE?

John :

Sounds like it's time to add

127.0.0.1 windowsupdate.com

to your hosts file so that MS 'stealth' updates can NOT actually connect to M$!!

eric :

What user will complain that they would rather have older Windows Update components running on their system? Most don't care and would want MS to maintain their update software.
However, Microsoft ought to tell you this is what is happening.

George W. (Vancouver) :

From the official Microsoft statement:

"Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates."

This statement is absolutely not true. I have automatic updates completely turned off since I prefer to maintain strict control over updates. In saying that Automatic Update is completely turned off, I mean exactly that; NOT the "Automatically download recommended updates for my computer and install them" option; NOT the "Download updates for me, but let me choose when to install them" option; and NOT the "Notify me but don't automatically download or install them" option. The radio button I have selected is the one that reads "Turn Off Automatic updates".

I go generally once a month to the Microsoft Windows Update site to select manually the updates I want, using the custom installation option.

Despite this, at 7:40 this evening (September 17) while I was working on my computer the program files for Windows Update were themselves updated without any kind of notification or warning to me. I was aware something unusual was happening because of the sudden much-increased activity of the computer during the installation. After I rebooted, the "Tiny Watcher" utility alerted me to the changed files. As well, the Event Properties Viewer also shows the event: The Automatic Updates service was successfully sent a start control. Of course, the installations are also recorded in the WindowsUpdate.log file.

To reiterate, automatic updates were totally off, I was not browsing the Windows Update site, or indeed any other part of Microsoft's site. And still these updates were downloaded and installed on my computer by Microsoft.

I object strongly to Microsoft's underhand behaviour in this case. The company could have downloaded and installed the necessary Windows Updates components during my next visit to the Windows Update site, after gaining my implied or express consent. Instead, they set a dangerous precedent by installing the components without notification and contrary to my clearly-expressed wishes, as indicated by my Automatic Updates settings.

Christian :

As someone posted earlier: Why does Windows Update have to update itself all the time?

I have used M$ OSs from DOS 2.5 and onwards to XP Pro/Home SP2. I have fiddled around with Vista Home Premium (my grandfather's computer) and I am so thrilled I got my new laptop when it was still loaded with XP. Now I have grown tired of it all. A year ago I had a, at the time, seven year old laptop which had nothing going for it except that it had 192MB RAM. It had XP Home installed on it, and to get onto the Net I had to install drivers to allow the USB1.1 port to act as connection. I tried Ubuntu 6.06 for starters, and ended up with 6.10 later. No need for drivers in Ubuntu.

Of course, there were updates on both OSs. There are always bugs found and fixed all the time. Difference was, one reboot in Linux (when upgrading the kernel) vs at least 7 in Windows. I had the system up and running in less than two hours with Ubuntu, while Winblows took the better part of three days.

I have been more and more reticent to use Winblows over the years. I have now switched completely to Ubuntu 7.04, have proudly posted a sticker on my laptop stating so, and removed the Winblows flag from it.

This is just another nail in the coffin for that OS. Sure, they are better at much, but in many other areas GNU/Linux rocks more. Just the price comparison between a seven year old laptop I got for free, and this one that was at the time worth about $2.200 and the freedom of knowing that you don't have to check every file you download with at least 5 malware/antivirus programs and whether or not Redmond has a tap on my phone line.

I now know more about Micro$oft Winblows than I did when using it. I will continue to learn about GNU/Linux and I will recommend it to people. I will not force it on them as M$ does, but I will encourage and give help where I can.

I am in the process of getting rid of anything M$-related. Too bad I have friends that use Messenger. Can't get rid of my Hotmail account, which gathers more junk than my garbage-bin.

I once admired Bill Gates. After seeing the movie "Pirates of Silicon Valley (The Story of the Sleazebag Personal Computer Industry)" and reading and hearing about the things Micro$oft has done to competitors that had better products but smaller wallets and their customers, I no longer admire anyone of the higher-ranking employees of that company.

Steve Jobs isn't portrayed very favourably in that movie either, but he does come off as the best of the two.

I want to know that I can gain complete control of my computer, tweak it to fit my needs, not Bill's, and be sure that if I screw up, I don't suddenly have to fork out a whole wad of cash to be able to use what I have already paid for. It's my property, I am not renting it. And as such, I can build on it, modify it, tear it down and buy another, without being afraid of having offended someone who might sue me in a court of law.

An update to a system is needed from time to time, no question about it. Just don't try to hide it from me. It sure IS stealth as the article claims. Consider a stealth plane: It's not visible on radar, it doesn't produce much noise, vapor trails are almost likely never going to show up. But, it is not invisible. Should you happen to look at the right place in the sky, you will spot it. Same is with this updating of the updater. It doesn't notify you in any way that it's there, or tell you why it's there, and the trail is hard to follow, but it isn't invisible. Why the money-grabbers at Redmond don't inform you of this in any way is beyond my imagination. Or maybe not. Watch the movie and see how the Micro$oft empire was born, and you will see that this has been the way of the company from the day it was conceived with three employees with no money at all, just an idea they more or less stole from other people.

As anyone can plainly read, I am not a M$ fanboy. Neither have I posted lies. There may be inaccuracies in this, but the truth isn't far removed. Neither am I a complete GNU/Linux fanboy. I know it has its difficulties, it's another way of doing computing and sometimes it's worse, sometimes better. I use computers to keep in touch with the world and use media. In this, GNU/Linux is far better than Winblows. Because it has no DRM is the main selling point of the game.

I will get lots of comments on my comments. You choose your way, I have chosen mine. As I said, I won't force GNU/Linux on you. But I would urge you to re-read the Constitution (Americans and Norwegians at least, as these are the ones I know) and for Americans, the Bill of Rights. I can't see anywhere in any of these that you can give up your right to control your life, even if it's as small an issue as this.

Aloysio :

DANGER!!! DANGER!!!

Nobody noticed main danger???

If MS can update a remote computer without the user's permission, so can a determined cracker, and take control of any rWindows box.

Too precious target to be overseen by black hats!

Simple scenario: Hijack a provider DNS and take control over ALL its MS-users.

Phishing schemes will be seen very soon, exploiting this. THERE'S *ANOTHER* HOLE in rWindows...

In short: If MS can plant specific pieces of softwares inside windows computers, there's a way to baad guys plant any software!!!


WAKE UP!

name :

My lord I can't believe the number of idiots in here. Windows update does not need to stealth update itself so that it is able to update. It can let you authorize as usual. Everyone saying different is a steaming pile of idiocy.

Renard Gervais :

As a subscriber to eWeek, I'd read of the auto-update situation. Not surprising at all. Folks, read the Microsoft EULA. Plain and simple the answer is right there.

Read this and maybe weep....:

"8. SCOPE OF LICENSE. The software is licensed, not sold. This agreement only gives you some rights to use the software. Microsoft reserves all other rights."

See what it says? No one, period, owns their copy of Windows.....whatever version it is. Simple as that. Yepper-doozy guys, you all paid 'X' amount of dollars ['ceptin' the wise ones who cracked] for an OS and actually thought you purchased something.

Seriously, you did not. You do NOT own your copy of Windows....XP, Vista or any other. And like any tenement landlord - they can come in and spray for roaches or not whenever they want to. That 'license' you agreed to can be revoked whenever and for whatever reason or in any moment by Microsoft. Kind of like getting a ticket by a drunken Highway Patrolman. Doesn't matter if you are right or wrong - he's the law, got the gun and you'd best just shut your yap and move on when allowed.

Do I like this? Heck no. I dual-boot and do my important business on Ubuntu. Long live open-source.

clamp :

LA-Backdoor's post is pretty much on the money, imho.

I, too, have used Windows since the 80s (not by choice--it was the system chosen by the companies I've worked for).

My experience: Do not trust Microsoft. I remember when Windows 3.1 came out. If you had Digital's version of DOS, Windows would not load. Digital, suspicious, sued, proved the incompatibility was no inadvertent glitch, and won a substantial amount from MS. MS had purposely designed Win 3.1 so it could not install over Digital's version of DOS. They didn't like the competition with MS-DOS.

That's just one example. I've resented for a long time the heavy-handed way MS forces you to buy its new OS.

I've resented Microsoft's practice of killing promising new technology by buying the company and just letting the product die. Sometimes they will continue development but other times they let the product wither away. These are usually products that pose potential problems for MS if allowed to grow. MS doesn't like Netscapes.

And, for those who repeatedly argued that all you have to do is turn AU completely off, please read the post that disputes this. Even when completely off, AU is in no way completely off.

Hey, it's the Microsoft tradition!

Oracle :

I wish I could get hot under the collar about Windows Update actually doing something. On my new Vista PC Windows Update hangs there and waits ... indefinitely.

Yes M$ is wrong by updating files you did not agree and yes it could compromise system security as it already did and been patched AND been trying to keep it that way, I know I have been retired from hacking for 3 years now.

If any of you would like to protect yourself "properly" because like a user said earlier in the thread "there are no dependencies to the wu service" then just get yourself a good firewall with a "Proactive Defence System" and an "Intrusion Detection System" and protect the wu core files from any updates, changes or modifications, afterwards if your wu becomes unusable eg. won't let you update, then and ONLY then remove the protection or download the updated files, read about the changes and install them manually by selecting "Run as administrator" but if you can not get any information about the changes made to the new version of the file you wish to update or as to why you are not able to update your windows installation then you have a motive to take legal action against the faulty party in question, otherwise you are all wasting your time.

I have a unique problem. On my XP machine I have automatic updates set to download, but let me install. I have update KB898461 sitting in my updates notification tray and it errors out on installation, but will not allow me to uncheck it to make it go away. As a result the update notification keeps popping up. I HATE MICROSOFT. As a long time supporter, this and VISTA problems on a new SONY laptop are driving me toward Macintosh. Does anyone know how to make this update go away???

PG :

This is ridiculous! I pay my broadband provider by the amount of data I use, and this particular issue is getting on my nerves. I have the update running on my computer even when I have specifically selected to download updates only if I choose to! Can't someone sue MS for this?

Bill :

I run Windows XP SP1 without Auto Updates enabled.
My old reliable HP Laser Jet 5p acted up yesterday. font table was.

Then found that the Auto Updates had been turned on without my permission which leads me to believe that the Redmond Mob would perhaps have crossed over the legal line?

Marie :

I'm just an old lady in a wheelchair who ekes out a less-than-pension living writing freelance XHTML and editing videos for people. Yes, my MS Updates settings say "notify me of all updates". Yes, I should have a state-of-the-art megasystem. Yes, I should live in a place that's not on dialup. But I don't, and I can't, and right now my options are non-existent. I have to make do with what I've got. Basic survival is my focus.

As we speak, Microsoft has been uploading unwanted updates to my computer for four days - at the rate of 41.2 kBps. My computer now slows to a crawl in all applications if I'm on line, which I frequently have to be; and yesterday I had to make complicated arrangements for transportation and assistance (and lose working hours) just to get me to a friend's house to upload a video file to meet a deadline. I have another one to upload right now, no rides available, and my computer is only at 34% uploaded with Microsoft's unwanted updates. I've given up on the video I was trying to upload hours ago; and I'm literally, absolutely, not eating next week, thanks to missing a 4pm upload deadline today and thereby forfeiting a client's weekly payment to me.

I hope there's a special place in Hell for the people at Microsoft who decided to alter my system without permission. And those of you who don't know what it's like not to be able to leap into a car under your own steam, not even to have the POWER to be able to afford a loaf of bread in spite of working 20 hours a day to produce 6 hours work with no hope of upgrading your software and systems - and that 6/20 is on a *good* day WITHOUT Microsoft's system-stealthing updates - can take your lightning-fast macho-alpha minds, arrogant and critical attitudes, and state-of-the-art machines - and hope you never get disabled or old.
