Call me crazy, but I think if you’re going to hold yourself out as a Microsoft expert and print critical comments from readers, you should make at least a minimal effort to fact-check those comments.
Today’s case in point is from Joe Wilcox, who took over Microsoft Watch from Mary Jo Foley a few months ago. In a muddled mess of a column about IE7, Joe includes this quote from a reader:
“IE 7 is horrible!” said Mark Brugler. The browser “crashed every time I tried to watch a video.” The technical director for a theatre in Tucson, Ariz. complained that he “didn’t like the fact that [IE 7] was forced upon me via Microsoft updates and I was not given the choice to install it.”
The reason this jumped out at me is I’ve been rebuilding PCs this week and I’ve run into the IE7 installation via Windows Update and Microsoft Update not once but twice. Joe’s reader is, to put it charitably, wrong. IE7 is not – indeed, cannot be – installed without the user’s explicit consent. In fact, there are three separate places where you have to provide that consent, or the installation fails.
This is true even if you have Automatic Updates turned on. Although IE7 is included as a Critical Update, it is not installed until you go through all of the following steps. (These screens are from Windows 2003, but they are identical in Windows XP.)
First, you have to agree to the installation. You can accept it, postpone it, or decline the upgrade completely. I’ve circled those three options in the screen below:
After you click the Install button, you have to read the license agreement and click a button to indicate that you accept it. If you don’t click I Accept, the upgrade doesn’t get installed. See for yourself:
And finally, you have to go through a Windows Genuine Advantage check to prove that you’re running a legally licensed copy of Windows. If you click Cancel instead of Validate in the dialog box here, the installation stops.
And even after you clear all three of these hurdles, you have to go through one more dialog box, in which the installer offers to install the latest IE updates and runs the Windows Malicious Software Removal Tool.
I don’t know whether Joe’s reader is deliberately lying about his experience or if he blacked out and his head just slammed into the keyboard four times, unconsciously approving all these dialog boxes and thereby installing IE7 without his knowledge. But Joe should know better. Microsoft Watch took a big dive after Mary Jo left, leading me to unsubscribe. I thought Joe would bring a higher standard of journalism, but I’m beginning to suspect I was wrong.
Update: Holy crap. It’s worse than I thought. A commenter at Microsoft Watch highlights the same ignorant comment I did and points out:
Fact: MS Update asks you 4 times in separate LARGE dialog boxes if you want to install IE7.
Joe responds by jumping into the hole he’s dug and digging about six feet deeper (I’ve highlighted the good part):
The guy felt like he had no choice. That’s why I let the whole comment stand, rather than truncating it. Perception is hugely important to companies like Microsoft.
Before coming to Microsoft Watch, I was an an analyst with JupiterReserch [sic]. A few years ago, one of Jupiter’s surveys revealed that about one third of Windows XP users had no firewall protection. Technically, this is false, because Windows XP has a built-in firewall. But I didn’t discount the finding simply because the people were wrong. The data revealed a larger problem: That these users didn’t know that Windows XP had an installed firewall.
Now go back up and look at those dialog boxes again. See that button that says Don’t Install? See the one that says I Decline? Now, please, reconcile those options with the statement of a supposed IT professional who says, “[IE 7] was forced upon me via Microsoft updates and I was not given the choice to install it.”
Joe, your original post was lame. Your follow-up comments are mind-boggling. If you really believe this, you should take up a new career in UFO research.
Ed Bott 
The reason is simple – people don’t read what’s on the screen. I’ve seen people enter a trance-like state when faced with dialog boxes and buttons and the start clicking in an almost semi-random way. Buttons are especially bad for this. That second stage in the IE7 install, if there was a checkbox instead of an “I agree” button, many people would actually surface from their semi-coma and start to pay attention. It’s no accident that spyware/adware installations mostly only use buttons during installation.
I’ve seen this happen first hand more than once – people will also swear that they didn’t install something when they clearly did. It’s an interesting phenomenon – I wonder if research has been done on it.
I think you’re being way too charitable. This guy is ostensibly an IT manager for a large company. And you think he drops into a trance state and starts randomly clicks dialog boxes to consent to installing software?
Sorry, not buying it.
Maybe his machine was getting it’s updates from a WSUS server?
Maybe somebody else installed it for him?
Me, charitable? 🙂
I’ve seen first hand and heard second-hand of IT managers doing much worse. It wouldn’t surprise me, and well, if he came out and said what he said, well, my expectations were already low. The alternative is a Firefox fanboy who wants the company to make the leap at any cost.
Either way, Wilcox shoul dhave known better!
Internet Explorer 7.0 is classified as an ‘Update Rollup’ in Windows Server Update Services. While it’s possible to automatically approve updates in this category, I wouldn’t do so. The default, as I recall, is not to auto-approve anything.
When switching IE7 from ‘Detect Only’ to ‘Install’, the WSUS administrator is then prompted to accept an additional EULA before the WSUS server will start feeding the update to clients. Presumably (I haven’t tried this) it will then install silently on the managed computers to which it is assigned.
As for crashing every time Mark Brugler tried to watch a video, it’s quite likely that QuickTime, Real Player, or Flash was out of date, and therefore didn’t include any necessary compatibility fixes for IE7 – many controls had problems with the new tabbed interface or with other aspects of IE7, where they were actually breaking the ActiveX specs but IE6 didn’t have a problem with it. These pieces of software also frequently have security issues but are not automatically updated. You need to check for new versions yourself. Network admins should subscribe to a general security bulletin feed, for example WatchGuard’s WatchGuard Wire at http://www.watchguard.com/rss/watchguardwire.xml.
To add to all this, I had a few teachers at the school I administer install IE 7 straight from a manual Windows Update while at home to their school laptops. They then wondered why some of their district web sites wouldn’t work….The average user just doesn’t read when they are prompted during an install, the just want to finish.
My solution to their doing a manual update of their laptop while not at school was to use the Microsoft IE7 blocker download from Microsoft. I’ve placed it in a login script to push it to all users. No worries from now on with IE7 until the district approves IE7.
Lastly, I agree with Ed that MS Watch has died on the vine since Mary Jo left. I skim it once a week to see what is being written, but not for serious information.
To be precise, he was right about the firewall thing. XP Home (and maybe Pro) has a firewall that with v1 was not turned on by default. (That’s the case too with Apple’s stuff, lest we forget.)
When I asked MS UK’s managing director why the firewall on XP wasn’t on by default, at its launch when he was bigging it up, he was stumped.
Joe Wilcox is right, that the data about the firewall stuff revealed a larger problem. And this instance might reveal one too: that people install stuff without even knowing what’s going on. It is, as someone commented above, a keyboard dance where you just click to get through the day and stop the darn computer bugging you so you can get some work done.
Charles
I’m inclined to agree that there are many people, even some professed experts (nobody here reading this, I hope), who click to dismiss dialog boxes a little too automatically. I’m getting to the point with Vista where I have to force myself to read the UAC dialog text to make sure I’m not clicking through something that I don’t know about. Actually, I came close to doing that the other day, and was only saved when I realized I didn’t know the program in question (more about this here: http://www.thegline.com/windows/2007/01/uac-unwanted-annoying-crap-not.html). So I don’t think it’s all that improbable that someone clicked through a lot of stuff without reading it … especially if they were only on their first cup of coffee. Improbable, but not really excusable.
Charles, that survey was from December 2004, four months after SP2 was released. It also asked whether XP users knew they had firewall software “installed,” not “enabled.”
Anyway, focusing on those details obscures the larger point that Joe KNEW the respondents were wrong (he says so) yet quotes the survey anyway. Just as he SHOULD KNOW that this commenter is wrong about IE7 but publishes it anyway and then defends his sloppiness.
If you want to make the point that updates can be confusing, then make that point. But the takeaway that readers will get from Joe’s uncorrected post is that Microsoft is forcing people to install IE7 with no choice, when in fact the opposite is true. That’s terrible journalism.
Serdar, did you actually look at the screens in this post? I’m sorry, but if someone clicks through those three dialog boxes and then through another one that offers to install the latest patches for IE before completing the upgrade, then they CANNOT COMPLAIN that it was “forced” on them and they were “not given the choice to install it.” Sheesh.
Wilcox was pretty negative wrt MSFT before coming to the new post, and even though he’s made an effort to be more constructive since, he still comes across as neutral to negative. WRT IE7 and the forced downloads, I’ve seen a lot of ABM idiots say the same thing. However, my own experience – on several machines – was exactly as you describe – multiple opportunities to opt out. IMO, IE7 is a good product and very good catch-up effort by MSFT. It’s still behind overall, and hopefully they don’t sit on their butts for another 5 years, but I’m back using it full-time and looking forward to a timely and feature-rich next release.
I can’t count the number of times Microsoft has downloaded some genuine advantage validation thing on the couple XP computers I use. I don’t count that one as a valid dialog to not install IE7 as lots of stuff “requires” it, or at least it pesters me frequently about allowing it to check. I haven’t ever seen it fail, but I don’t know why it comes down every month or so with the updates.
Our IT department has told us not to install it, probably because it is new, more than because FTP is broken, but as I manage the FTP site, I am happy that they are telling people to not upgrade, so that FTP access it easier. Unfortunately, a number of people have upgraded, and so we now have to support a third-party FTP client, and finding one that is as simple as the explorer interface has been difficult.
I can’t defend an IT “professional” not installing it, as I have purposely not installed it on either of my systems, but since it comes as part of the windows updates that sometimes ask you more questions than just “install”, I don’t find it surprising that people have installed it accidentally.
Other than the first dialog, it is not obvious that this is a major upgrade, as opposed to some security update, unless you count knowing the version number as sufficient notice.
The first dialog, though given that no one reads stuff anyway, should state more clearly that some things will break.
Ed, yes, and point taken. I am scarcely arguing that he has no right to complain if he’s that oblivious. Point also taken about him blithely repeating the notion that IE 7 is not something people have a -choice- to install. (The opening screen does indeed have a button that says “Don’t Install”; in my mind it scarcely gets more obvious than that.)
Sorry, make that “I am scarcely arguing that he has a right to complain” (syntax! syntax!)
If this thread is about IE giving notice before installing, then I agree – as does your firewall and any startup monitors you may have.
If this thread is about unprofessional technical journalism proliferating in the world, then I wholeheartedly agree.
Just today I got my daily “Tip of the Day” from a popular site that suggests users rename their files, placing numbers and special characters in front so Windows sorts them in a different order. There is not one word of warning cautioning users that doing so may break their apps or worse yet, break Windows!
I frequently see new articles that are nothing more than dusted off old articles – like the Video Professor still showing Windows Me disks on TV. Not to mention the guy that considers himself an expert because he successfully added a stick of RAM to his computer without a single ESD event – that he was aware of! ; )
But it is not new. Over 2 years ago, I reported here: http://www.pcmag.com/article2/0,1895,1641374,00.asp – about a senior “SECURITY” editor – connected to the same eweek as Ed’s link above – incorrectly stating Windows Firewall provided both, incoming and outgoing protection – it does not, and never did. I wrote them – no response. A couple people commented about it, and another senior, well known IT expert from ZDNet entered the discussion confirm that WF is only one-way. But I note as of today, AFAIK, no retraction or correction has been printed in the hardcopy, or on the web as seen here: http://www.pcmag.com/article2/0,1895,1641374,00.asp
In the good old days, the organization behind the voice meant something – now, news is old in 10 seconds so the push is to get something out there now, and don’t worry about the facts.
How about this article from By John Pallatto, an editor for a technology trade journal, in eWeek on January 22, 2007.
Excerpt:
Opinion: Microsoft used the January 2007 security update to induce users to try Internet Explorer 7.0 whether they wanted to or not. But after discovering they had been involuntarily upgraded to the new browser, they next found that application incompatibility effectively cut them off from the Internet
Link: http://www.eweek.com/article2/0,1895,2086423,00.asp
Michael,
Thanks! That one is even worse than Joe’s. I spotted at least three huge errors in it. The worst, IMO, is this sentence:
But if you follow the link (ironically, to an article by Joe Wilcox), you discover that it says EXACTLY THE OPPOSITE: “With Internet Explorer 7, Microsoft made some hefty changes to ActiveX controls, turning off a bunch by default and flipping on the security warning switch for many others. If timing means anything, the ActiveX changes are possibly quite important. … Microsoft was right to turn off many ActiveX controls [in IE7]. ”
Oy, what’s happened to eWeek?
I feel that since Joe Wilcox came to Microsoft Watch (and actually even before he came) the site has turned to the “dark side” in otherwords … if they can say anything bad about Microsoft .. they do !
Whether deservedly or NOT !
If feel that they (Microsoft watch) should be now known as “Microsoft Bash”.
Have you seen the article that Mr. Scot Peterson did in early November last year entitled “Is Vista Ready? Not for me !”
where he installed on his computer Windows Vista and did not like it one little bit.
The only thing wrong with the article was that he had tested Vista RC1, what is so bad about that was that RC2 had already come and gone and when the article was done Vista had ALREADY gone RTM.
In otherwords the article was two things:
1. People had generally said that RC1 had quite a few flaws still in it, and therefore Scot Peterson gave it a THUMBS DOWN.
2. The article was woefully OUT OF DATE.
Lastly (I didn’t know it at the time) Mr. Scot Peterson was (and still is) the “EDITOR” of eweek. And a person of that position should have known that RC1 was already old news.
That story got over 55 comments which is the highest that I have seen there, and after that story Scot Peterson didn’t do anymore…. I wonder why (Sarcastic) ??
So why do you think he did the story on RC1 simple…. that way Windows Vista would get “bad press” out of it when the story was distributed around the internet.
And with a sister site like “Linux Watch” well…. you should have look that all I can say, talk about HATING microsoft, it’s what you Americans would say was a “National Sport”.
Eweek, Microsoft Watch and Linux Watch are all tarred with the same brush I’m afraid, they are all pretty much biased against microsoft, and a lot of the commenters there are not liking it either (which includes me) !
Neil Cocks
Computer User
Australia
Its my turn to complain about poor reporting, but my complaint is with InformationWeek and a Symantec spokesman. See http://securitygarden.blogspot.com/2007/01/sensationalism-irresponsible-journalism.html
and repeated at http://www.tomcoyote.org/security/sensationalism-irresponsible-journalism-or-microsoft-bashing/60/
While I’m personally ambivalent about MS and Vista (too expensive and too-high expectations), I’m more concerned with the state of the IT press.
eWeek’s thinner and thinner and, since Peter Coffee’s retiring his column, they should just send out a pdf of Spencer Katt and call it a day. They, like journalists everywhere, have fallen into the trap of there being two “sides” to a story: MS vs. Netscape. MS vs. Linux. Ballmer vs. Google.
In the back of their minds, the IT press has to know that reality is complex, very complex, and that an IT decision very seldom falls on neat ideological lines. But they like the quick headline, “Bugs in Vista”, “IE7 Takes Over Your Computer”, “Linux Vs. Windows Showdown”.
And through it all, when I see the big ads from Intel and MS featuring Chinese office parks in the trade mags, I know this is a fraud anyway. People like Peterson will go on to the next manufactured outrage and forget all about Vista and IE7 in a month.
Take care,
Dave