Updated to add: Just to make it clear, I think Microsoft should have disclosed that it was installing this update. It was stupid for them not to do so and even more stupid not to have a KB article on this update. But there is a very logical reason why a reasonable manager at Microsoft would choose the strategy they did. Without this patch, Windows Update stops working. If WU stops working, Windows users (Microsoft customers) are more vulnerable. Unfortunately, what’s good for the majority in this case is also ammunition for those who are looking to bash the company.
But leaping from a single update to the conclusion that Microsoft is about to start downloading and installing other sorts of stuff on your machine, as some of the reporters covering this story did, is stupid as well.
As a commenter notes at O’Neill’s blog, Microsoft has a procedure in place to require updates to it Windows Update code and related utilities. If you visit WU manually, you might see one of these updates, which you must approve and install before you get to see the actual updates available for your system. So why didn’t they use that procedure here? Offer me a single update. After I approve and install it, I get to see the rest.
Also, I should note that the Microsoft Update Services Privacy Statement, which governs this component, does not include authorization for silent updates. Whoever authorized this update really screwed up.
There’s ample room for criticism of Microsoft, and there’s a genuine need for them to fix the mess they created. It’s also important to keep the whole issue in context.
OK, back to the original post…
I’ve been somewhat incredulous over the fuss about Windows Update choosing to update itself automatically on systems where users had told it to check for downloads. I was even going to write something about it. Then I read this post by Microsoft’s James O’Neill, who said everything I was going to say.
Two excerpts if you don’t feel like clicking through:
I don’t think people should automatically trust Microsoft. I don’t think they should automatically distrust us either. We need to earn trust, and sensible people will keep re-evaluating “In this case should I or shouldn’t I”. There are plenty of people out in the world who think no-one should ever trust us, a great many of them post on line to discussions and blogs, some write for magazines. Giving these people ammunition is stupid. And any manager in Redmond who does should be made to write out “I should never do anything which undermines public trust in my employer” 10,000 times. Preferably while sitting in a set of stocks (I’d locate these under the campus flag poles outside Building 10)
and…
To me, the whole premise of this argument is stupid. First off when I went to grab the screen shot I’ve modified here it says at the bottom
“Note: Windows Update might require an update before you can update Windows”
Granted I had to read that twice, as obviously WU can’t update the OS if there are no updates, the word “Itself” should be in there. But I’ve been imagining a conversation with some of the people who are making this fuss, (who seem to want to the WU dialog to appear like this version)Me: You selected a radio button which said check for updates, so do you want it to stop checking if we change something at the server ?
Them: No… but… WU shouldn’t change a single byte on my computer without my permission !
Me: Not one ?
Them: Not one.
Me: So how does it maintain a list of available updates to offer you ?
Them: Err… Well that doesn’t count, it shouldn’t change Executables
Me: So you told it to just get the list of updates
Them: … yes
Me: and to take the steps that are needed to get the list ?
Them: … obviously, yes.
Me: Even if that means updating the software that gets the list …
I agree completely with James that the reporting on this issue has been crappy beyond belief, and that Microsoft deserves criticism for making it so easy to call them EEEEEEEEVVVVVIIILLLLL.
Anyway, read the whole thing.
Ed Bott 
I think the first commenter on his post is exactly right. If I set something to manually update, it shouldn’t automatically do anything. Do you disagree? I like to keep track of what is going on, and so if something changes all of a sudden, I can think back to what changed recently, or did nothing change, in which case I would start looking elsewhere (like hardware flakiness – as in the recent discussion on your blog) If I know the software hasn’t changed, then I wouldn’t expect it to behave differently than it did yesterday.
I agree, Jon. That’s why I added the update here. Microsoft was stupid to do it this way. But it’s also stupid to assume (as several reporters/bloggers did) that this is the first step in Microsoft’s evil plan to force unwanted updates down our collective throats. They screwed up. They shouldn’t have done this the way they did it. They should have disclosed their policy in advance or at least simultaneously. And I hope they respond appropriately.
The issue here is not whether people trust Microsoft or not, it’s whether people trust Windows Update. If this was the first error of judgement Microsoft had with relation to Windows Update, I’d cut them some slack, but it isn’t. We had the WGA update pushed as a high priority update (which you covered here – http://blogs.zdnet.com/Bott/?p=97 – in which you said “… despite improvements in the license and privacy agreements and some changes to the WGA code, Microsoft’s customers are still not getting an accurate and full disclosure of what’s being downloaded and installed on their computer”), we’ve had fixes installed for undocumented security issues and now this. If enough people start tunring off Windows Updates because of concerns over how Microsoft use it, we’re all in trouble.
Another aspect that bothers me is Microsoft’s attitude to this stealth update. Both on the record and off the attitude seems to be that the company did nothing wrong.
I’m also having trouble confirming any Windows Update issue that this patch is supposed to correct. From what I can tell on systems set to download and/or notify August’s updates came in just fine on the 14th. I find it hard to accept that anything in those updates caused a problem (and if it did that Microsoft would have it patched by the 24th). I can’t find any KB article relating to this patch.
For me, that leaves a lot of unanswered questions.
I am glad that you clarified this issue, Ed. The way it was originally reported, it seemed that even if you had your auto updates cut-off it would still recieve a “pushed” install from the mothership in Redmond. Instead of the quiet update though, there should still be the option of installing the update. A simple notification would be all that was needed. If individuals choose the option of approving updates, then they are obviously concerned about what is being installed including the update to WU. These updates to WU are advertised directly to the end user that manually updates through the WU website. If it’s ok to warn these “manual” users,then why not the ones that choose to approve before install. Stupid decision, and needs to be corrected immediately. Side note on the evilness of MS–Microsoft really needs to pony up the money and begin an aggressive PR campaign to keep the current raving, lunatic fanboys that are masquerading as jounalists from infecting the rest of the populace.
Ed:
There is just no excuse whatsoever for Microsoft’s behavior.
When I tell the OS “do not automatically update” it means, to me and just about everybody else, “under no circumstance communicate with Microsoft and run the update software.” It does not mean “do this unless you don’t want to.”
Shame on Microsoft for this virus/spyware-like action. Shame on you for excusing this egregious behavior.
Richard,
You’re slightly confused about the behavior of WU, or else I’m misreading you.
You write:
If you choose “Do not automatically update,” then this update is not downloaded. However, if you choose “Download updates but let me choose whether to install them” or “Check for updates but let me choose whether to download or install them,” then the update software HAS TO RUN. That’s the only way it can communicate with the Update servers.
I’m not excusing anything by anybody. I said it was stupid and wrong and it needs to be dealt with. I said “Whoever authorized this update screwed up” and “there is a genuine need for them to fix the mess they created.”
How you can call that “excusing” is simply beyond me.
THERE IS NO EXCUSE FOR WHAT MICROSOFT IS DOING
it is the same thing spyware and virus doing
Oh, fer cryin’ out loud, Dan. No it’s not. You have a relationship with Microsoft software. You willingly purchased it, and you chose the option to use Windows Update. There are legitimate issues of disclosure and policy, but to compare this to spyware or a virus is just (sorry) stupid.
And stop yelling.
Hmmm… We have gone from being upset about MicroSoft updating something without our knowing about it to being upset about people being upset about this very behavior. Does anyone really know what the folks in Redmond put into the update? The very same people who are always warning us about downloading code and applications which may change our OS without our knowledge just did what they are always warning us about. Did anyone who still has the Vistas UAC turned on get a warning that changes were being made? I am not unhappy that MicroSoft wanted to update the OS that I purchased a license for. I am unhappy that they chose to do this without informing me. This is high handed and in effect says, “Do not worry, Mr./Ms. End User. We already know you are really not very bright and we’ll just do all the thinking for you about how you use your computer. Even though we know nothing about you other than you purchased our fine product.” Has anyone thought about malware writers being able to duplicate this ability to change the OS without alerting anyone? The people in Redmond were genuinely trying to do the right thing. I believe this or I would have switched over to Mac or Linux years ago. To those who watch Redmond like lions watch a herd of gazelles, I say, “Thank You.” To those who say this is much ado about nothing, I say “When someone tells you ‘The sky is falling!’ at least look up before you start to downplay their report.
Dunn & Co. are reporting otherwise:
…which is what this controversy is all about.
Yes; I conceive of it as less a symbiosis, and more a sort of armed truce between parasite and host.
Better say “grudgingly”.
No, in fact I explicitly did not….unless by “chose” you mean “failed to discover and disable every one of Microsoft’s stealth remote-control mechanisms, thus ‘choosing’ by forfeit”.
More to the point, Dunn & Co. claim they did not, but despite that got their Windows-Update files updated anyway. What we don’t yet know is what Dunn & Co. mean by “auto-updates have been disabled” in terms of checkboxes and system services; it’s not clear from the article. If by “auto-updates have been disabled” they mean some other checkbox than “Never check for updates” was checked, then Microsoft have a point: given the technical ability (and permission) to update files on a remote system, one might as well also throw in the ability to update Windows-Update files themselves in case of a real need — but that still doesn’t excuse the absence of disclosure about it, so I think we all agree now that it doesn’t. OTOH, if by “auto-updates have been disabled” they mean “Never check for updates” was checked, and despite that the Windows-Update files were updated anyway, then we have a problem: namely that Microsoft appear to have undisclosed reservations about the meaning of the phrase “Never check for updates” (similar to IE’s Tools menu -> Internet Options -> Advanced tab -> ‘Play animations’ checkbox, which when unchecked Microsoft interpret as ‘Don’t play animations except for animated cursors’).
OT3H, if by “auto-updates have been disabled” Dunn & Co. mean “Never check for updates” was checked, plus the Automatic Updates and BITS services were set to Disabled, and despite all that the Windows-Update files were updated anyway, then we really have a problem. Need I explain further?
Mark,
See Scott Dunn’s follow-up today:
“One account, in the Handler’s Diary blog, said there was no cause for concern since the Turn off Automatic Updates setting in the Automatic Updates control panel prevents the silent updates from occurring. (This is true, although it generates repeated boot-up warnings, as described below. Some readers incorrectly inferred from my article that even this setting allows stealthy updates; it does not.)”
On XP sp2, Windows Update runs as an ActiveX control running within IE and requires some service running within svchost. On my home computer, I have a personal firewall (Kerio Personal Firewall) set up to block svchost.exe. So, whenever I want to run Windows Update, I have to (temporarily) allow Internet access for svchost.exe.
Windows Update is supposed to make my computer more secure, yet I have to make my computer temporarily less secure in order to run it.
Windows Update should be a separate executable, to which permanent Internet access could be granted safely.
Well friends, it’s a new year and a New World Order. 3:30 AM, all 3 of my computers (with updates turned off) were requesting to restart (now or later), as Windows had been successfully updated. I thought I turned off automatic Updates (which I had), so as to review and install them at my conveniency, such as 3:30 AM. At least Microsoft considers this a good time, also. I just wonder who my computers are reporting too? Obviously, it’s not me. I”l post this around…maybe I’m just suffering from paranoid dillusions.