Microsoft updates Windows without users' consent

  • Thread starter Thread starter Silicon neuron
  • Start date Start date
S

Silicon neuron

Guest
http://windowssecrets.com/comp/070913/#story1

By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users'
knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed,
and businesses in this situation are objecting to the stealth patching.


Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems
without displaying any dialog box to request permission. The only files that
have been reportedly altered to date are nine small executables on XP and
nine on Vista that are used by WU itself. Microsoft is patching these files
silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's
knowledge. The Automatic Updates dialog box in the Control Panel can be set
to prevent updates from being installed automatically. However, with
Microsoft's latest stealth move, updates to the WU executables seem to be
installed regardless of the settings - without notifying users.

When users launch Windows Update, Microsoft's online service can check the
version of its executables on the PC and update them if necessary. What's
unusual is that people are reporting changes in these files although WU
wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who
prefer to test and install their updates manually. Not long ago, another
Windows component, svchost.exe, was causing problems with Windows Update, as
last reported on June 21 in the Windows Secrets Newsletter. In that case,
however, the Windows Update site notified users that updated software had to
be installed before the patching process could proceed. This time, such a
notice never appears.

For users who elect not to have updates installed automatically, the issue
of consent is crucial. Microsoft has apparently decided, however, that it
doesn't need permission to patch Windows Updates files, even if you've set
your preferences to require it.

Microsoft provides no tech information - yet

To make matters even stranger, a search on Microsoft's Web site reveals no
information at all on the stealth updates. Let's say you wished to
voluntarily download and install the new WU executable files when you were,
for example, reinstalling a system. You'd be hard-pressed to find the
updated files in order to download them. At this writing, you either get a
stealth install or nothing.

A few Web forums have already started to discuss the updated files, which
bear the version number 7.0.6000.381. The only explanation found at
Microsoft's site comes from a user identified as Dean-Dean on a Microsoft
Communities forum. In reply to a question, he states:

"Windows Update Software 7.0.6000.381 is an update to Windows Update itself.
It is an update for both Windows XP and Windows Vista. Unless the update is
installed, Windows Update won't work, at least in terms of searching for
further updates. Normal use of Windows Update, in other words, is blocked
until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft
Partner Support about the update and received this short reply:


"7.0.6000.381 is a consumer only release that addresses some specific issues
found after .374 was released. It will not be available via WSUS [Windows
Server Update Services]. A standalone installer and the redist will be
available soon, I will keep an eye on it and notify you when it is
available."

Unfortunately, this reply does not explain why the stealth patching began
with so little information provided to customers. Nor does it provide any
details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and
Vista. The patching process updates several Windows\System32 executables
(with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381,
according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no
malicious intent in patching them. However, writing files to a user's PC
without notice (when auto-updating has been turned off) is behavior that's
usually associated with hacker Web sites. The question being raised in
discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in
Windows\System32 will either show an earlier version number, 7.0.6000.374,
or the stealth patch: 7.0.6000.381. (The version numbers can be seen by
right-clicking a file and choosing Properties. In XP, click the Version tab
and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in
subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event
Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event
types such as "Installation" are labeled in the Category column. "Windows
Update Agent" is the event typically listed in the Source column for system
patches.

On systems that were checked recently by Windows Secrets readers, the Event
Log shows two installation events on Aug. 24. The files were stealth-updated
in the early morning hours. (The time stamp will vary, of course, on
machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each
event. Normally, when a Windows update event occurs, the properties dialog
box shows an associated KB number, enabling you to find more information at
Microsoft's Web site. Mysteriously, no KB number is given for the WU updates
that began in August. The description merely reads, "Installation
Successful: Windows successfully installed the following update: Automatic
Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated
files themselves. There are no reports of software conflicts and no reason
to remove the files (which WU apparently needs in order to access the latest
patches). The only concern is the mechanism Microsoft is using to perform
its patching, and how this mechanism might be used by the software giant in
the future.

I'd like to thank reader Angus Scott-Fleming for his help in researching
this topic. He recommends that advanced Windows users monitor changes to
their systems' Registry settings via a free program by Olivier Lombart
called Tiny Watcher. Scott-Fleming will receive a gift certificate for a
book, CD, or DVD of his choice for sending in a comment we printed.

I'll report further on this story when I'm able to find more information on
the policies and techniques behind Windows Update's silent patches. Send me
your tips on this subject via the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also
a contributing editor of PC World Magazine, where he has written a monthly
column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit)
with Jesse Berst and Charles Bermant.
 
Re: Microsoft updates Windows without users' consent

Silicon neuron wrote:
>
>
> Microsoft has begun patching files on Windows XP and Vista without users'
> knowledge, even when the users have turned off auto-updates.
>
>



Actually, this is *not* being done _without_ user consent. Just the
opposite. Every user of each operating systems has been given advance
notice that such things could happen, and has consented to it.

Read the Vista EULA. Section 7 makes it clear that this could happen:

========================================================================

7. INTERNET-BASED SERVICES. Microsoft provides Internet-based services
with the software. It may *change* or cancel them at any time.
a. Consent for Internet-Based Services. The software features
described below and in the Windows Vista Privacy Statement connect to
Microsoft or service provider computer systems over the Internet. *In
some cases, you will not receive a separate notice when they connect.*
You may switch off these features or not use them. For more information
about these features, see the Windows Vista Privacy Statement at
http://go.microsoft.com/fwlink/?linkid=20615. By using these features,
you consent to the transmission of this information. Microsoft does not
use the information to identify or contact you.

========================================================================
(Emphasis mine)

The WinXP EULA also made this clear:

========================================================================

Internet-Based Services Components. The SOFTWARE contains
components that enable and facilitate the use of certain
Internet-based services. You acknowledge and agree that
MS, Microsoft Corporation or their subsidiaries may
automatically check the version of the SOFTWARE and/or
its components that you are utilizing and may provide
upgrades or supplements to the SOFTWARE that may be
*automatically* downloaded to your COMPUTER.

========================================================================
(Again, emphasis mine)


Do I approve of this practice? Not really. I'd prefer to know about
each and every change as it happens, just on the off chance that, if a
problem occurs, I've better information on which to base my
troubleshooting. But I'm an exception; most people simply don't want to
know about technical details of how the OS is working.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Re: Microsoft updates Windows without users' consent

On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
<bchambers@cable0ne.n3t> wrote:

>Silicon neuron wrote:
>>
>>
>> Microsoft has begun patching files on Windows XP and Vista without users'
>> knowledge, even when the users have turned off auto-updates.


> Actually, this is *not* being done _without_ user consent. Just the
>opposite. Every user of each operating systems has been given advance
>notice that such things could happen, and has consented to it.
>
>Read the Vista EULA. Section 7 makes it clear that this could happen:


Yea sure, and I bet most people aren't aware that buried deep in the
EULA Microsoft claims the right to your first born and anybody in
Redmond above a certain rank can have sex with your wife or girl
friend if a there's a fifth Saturday in any month. Better check your
calendar. ;-)
 
Re: Microsoft updates Windows without users' consent

Adam Albright wrote:
> On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
> <bchambers@cable0ne.n3t> wrote:
>
>> Silicon neuron wrote:
>>>
>>> Microsoft has begun patching files on Windows XP and Vista without users'
>>> knowledge, even when the users have turned off auto-updates.

>
>> Actually, this is *not* being done _without_ user consent. Just the
>> opposite. Every user of each operating systems has been given advance
>> notice that such things could happen, and has consented to it.
>>
>> Read the Vista EULA. Section 7 makes it clear that this could happen:

>
> Yea sure, and I bet most people aren't aware that buried deep in the
> EULA Microsoft claims the right to your first born and anybody in
> Redmond above a certain rank can have sex with your wife or girl
> friend if a there's a fifth Saturday in any month. Better check your
> calendar. ;-)
>



Sarcasm aside, I'm glad to see that for once you agree that the EULA
does so stipulate and that all users have given their consent. It's not
often you let facts get in the way of your rabid anti-Microsoft stance.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Re: Microsoft updates Windows without users' consent

Atta boy Bruce!
"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:ecNoKxi9HHA.5684@TK2MSFTNGP05.phx.gbl...
> Adam Albright wrote:
>> On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
>> <bchambers@cable0ne.n3t> wrote:
>>
>>> Silicon neuron wrote:
>>>>
>>>> Microsoft has begun patching files on Windows XP and Vista without
>>>> users' knowledge, even when the users have turned off auto-updates.

>>
>>> Actually, this is *not* being done _without_ user consent. Just the
>>> opposite. Every user of each operating systems has been given advance
>>> notice that such things could happen, and has consented to it.
>>>
>>> Read the Vista EULA. Section 7 makes it clear that this could happen:

>>
>> Yea sure, and I bet most people aren't aware that buried deep in the
>> EULA Microsoft claims the right to your first born and anybody in
>> Redmond above a certain rank can have sex with your wife or girl
>> friend if a there's a fifth Saturday in any month. Better check your
>> calendar. ;-)
>>

>
>
> Sarcasm aside, I'm glad to see that for once you agree that the EULA does
> so stipulate and that all users have given their consent. It's not often
> you let facts get in the way of your rabid anti-Microsoft stance.
>
>
> --
>
> Bruce Chambers
>
> Help us help you:
> http://dts-l.org/goodpost.htm
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety. -Benjamin Franklin
>
> Many people would rather die than think; in fact, most do. -Bertrand
> Russell
 
Re: Microsoft updates Windows without users' consent

On Thu, 13 Sep 2007 11:34:11 -0600, Bruce Chambers
<bchambers@cable0ne.n3t> wrote:

>Adam Albright wrote:
>> On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
>> <bchambers@cable0ne.n3t> wrote:
>>
>>> Silicon neuron wrote:
>>>>
>>>> Microsoft has begun patching files on Windows XP and Vista without users'
>>>> knowledge, even when the users have turned off auto-updates.

>>
>>> Actually, this is *not* being done _without_ user consent. Just the
>>> opposite. Every user of each operating systems has been given advance
>>> notice that such things could happen, and has consented to it.
>>>
>>> Read the Vista EULA. Section 7 makes it clear that this could happen:

>>
>> Yea sure, and I bet most people aren't aware that buried deep in the
>> EULA Microsoft claims the right to your first born and anybody in
>> Redmond above a certain rank can have sex with your wife or girl
>> friend if a there's a fifth Saturday in any month. Better check your
>> calendar. ;-)
>>

>
>
> Sarcasm aside, I'm glad to see that for once you agree that the EULA
>does so stipulate and that all users have given their consent. It's not
>often you let facts get in the way of your rabid anti-Microsoft stance.


Me anti Microsoft? Hardly as I've said many times I wouldn't be a
stockholder in a company I don't like. I simply wish they would clean
up their act. What I find fascinating is how fanboys automatically
stick their heads in the sand and just ignore all the failings in
Vista and the anti-customer stance Microsoft has had since say one.

As far as any EULA, they are like the fine print on insurance polices.
NOBODY reads them or for that matter could understand half the double
talk contained there in.
 
Re: Microsoft updates Windows without users' consent

How Windows Update Keeps Itself Up-to-Date
http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx

"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:ecNoKxi9HHA.5684@TK2MSFTNGP05.phx.gbl...
| Adam Albright wrote:
| > On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
| > <bchambers@cable0ne.n3t> wrote:
| >
| >> Silicon neuron wrote:
| >>>
| >>> Microsoft has begun patching files on Windows XP and Vista without
users'
| >>> knowledge, even when the users have turned off auto-updates.
| >
| >> Actually, this is *not* being done _without_ user consent. Just the
| >> opposite. Every user of each operating systems has been given advance
| >> notice that such things could happen, and has consented to it.
| >>
| >> Read the Vista EULA. Section 7 makes it clear that this could happen:
| >
| > Yea sure, and I bet most people aren't aware that buried deep in the
| > EULA Microsoft claims the right to your first born and anybody in
| > Redmond above a certain rank can have sex with your wife or girl
| > friend if a there's a fifth Saturday in any month. Better check your
| > calendar. ;-)
| >
|
|
| Sarcasm aside, I'm glad to see that for once you agree that the EULA
| does so stipulate and that all users have given their consent. It's not
| often you let facts get in the way of your rabid anti-Microsoft stance.
|
|
| --
|
| Bruce Chambers
|
| Help us help you:
| http://dts-l.org/goodpost.htm
| http://www.catb.org/~esr/faqs/smart-questions.html
|
| They that can give up essential liberty to obtain a little temporary
| safety deserve neither liberty nor safety. -Benjamin Franklin
|
| Many people would rather die than think; in fact, most do. -Bertrand
Russell
 
Re: Microsoft updates Windows without users' consent

Adam Albright wrote:
>
>
> As far as any EULA, they are like the fine print on insurance polices.
> NOBODY reads them or for that matter could understand half the double
> talk contained there in.
>



"Nobody?" What planet do you live on? I read every contract I'm asked
to sign. I seek legal advice for any portions I don't understand. Don't
you? Are you saying that the *everyone* is too stupid or too lazy to
look out for their own interests? And I though I had a dim view of the
general public.

Regardless, the signer's not having bothered to read a contract doesn't
make that contract any less binding.

Oh, and the Windows EULA is written at what I'd consider an 8th grade
(A 1960's era American public school 8th grade, that is; probably closer
to today's high school level, now. Nevertheless the average McDonalds
burger-flipper should have no trouble with it.) reading level. It's not
at all confusing to the functionally literate.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Re: Microsoft updates Windows without users' consent

Bruce Chambers <bchambers@cable0ne.n3t> wrote:

> Sarcasm aside, I'm glad to see that for once you agree that the EULA
>does so stipulate and that all users have given their consent. It's not
>often you let facts get in the way of your rabid anti-Microsoft stance.


"Giving consent" in this context is nebulous. None of us reads every
EULA we see, we just click the "I agree" button.

And for an operating system's EULA, most people aren't even aware that
it exists. They open the box, setup their new computer, and turn it
on. They click any buttons they need to to get through the setup.

--
Tim Slattery
MS MVP(DTS)
Slattery_T@bls.gov
http://members.cox.net/slatteryt
 
Re: Microsoft updates Windows without users' consent

Bruce Chambers <bchambers@cable0ne.n3t> wrote:

>Adam Albright wrote:


>> As far as any EULA, they are like the fine print on insurance polices.
>> NOBODY reads them or for that matter could understand half the double
>> talk contained there in.


> "Nobody?" What planet do you live on? I read every contract I'm asked
>to sign. I seek legal advice for any portions I don't understand. Don't
>you? Are you saying that the *everyone* is too stupid or too lazy to
>look out for their own interests? And I though I had a dim view of the
>general public.


Do you read every single EULA you run into? Do you have time to do
anything else?

--
Tim Slattery
MS MVP(DTS)
Slattery_T@bls.gov
http://members.cox.net/slatteryt
 
Re: Microsoft updates Windows without users' consent

An explanation of Windows Update automatic updating:
http://windowsvistablog.com/blogs/w...tion-of-windows-update-automatic-updates.aspx

The above Vista Team blog entry seems to be a little more transparent:

<QP>
This self-updating is done regardless of whether the user has enabled
automatic checking, download and/or installation of updates. It does so in
an effort to avoid WU misleading the user to think s/he is up-to-date simply
because s/he was not receiving notification that updates are available. Put
another way, WU cannot alert the user that there are security updates
available if it is not in the necessary updated state that will allow it to
recognize those updates...
</QP>
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE, OE, Security, Shell/User) since 2002
AumHa VSOP & Admin http://aumha.net; DTS-L http://dts-l.org/


Tom [Pepper] Willett wrote:
> How Windows Update Keeps Itself Up-to-Date
> http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx
>
> "Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
> news:ecNoKxi9HHA.5684@TK2MSFTNGP05.phx.gbl...
>> Adam Albright wrote:
>>> On Thu, 13 Sep 2007 10:05:43 -0600, Bruce Chambers
>>> <bchambers@cable0ne.n3t> wrote:
>>>
>>>> Silicon neuron wrote:
>>>>>
>>>>> Microsoft has begun patching files on Windows XP and Vista without
>>>>> users' knowledge, even when the users have turned off auto-updates.
>>>
>>>> Actually, this is *not* being done _without_ user consent. Just the
>>>> opposite. Every user of each operating systems has been given advance
>>>> notice that such things could happen, and has consented to it.
>>>>
>>>> Read the Vista EULA. Section 7 makes it clear that this could happen:
>>>
>>> Yea sure, and I bet most people aren't aware that buried deep in the
>>> EULA Microsoft claims the right to your first born and anybody in
>>> Redmond above a certain rank can have sex with your wife or girl
>>> friend if a there's a fifth Saturday in any month. Better check your
>>> calendar. ;-)
>>>

>>
>>
>> Sarcasm aside, I'm glad to see that for once you agree that the EULA
>> does so stipulate and that all users have given their consent. It's not
>> often you let facts get in the way of your rabid anti-Microsoft stance.
>>
>>
>> --
>>
>> Bruce Chambers
>>
>> Help us help you:
>> http://dts-l.org/goodpost.htm
>> http://www.catb.org/~esr/faqs/smart-questions.html
>>
>> They that can give up essential liberty to obtain a little temporary
>> safety deserve neither liberty nor safety. -Benjamin Franklin
>>
>> Many people would rather die than think; in fact, most do. -Bertrand
>> Russell
 
Re: Microsoft updates Windows without users' consent


This is just the pratice run. Next time MS will also try disabling any
systems it thinks is using pirated software!! Watch the space!!!


Silicon neuron wrote:
>
> http://windowssecrets.com/comp/070913/#story1
>
> By Scott Dunn
>
> Microsoft has begun patching files on Windows XP and Vista without users'
> knowledge, even when the users have turned off auto-updates.
>
> Many companies require testing of patches before they are widely installed,
> and businesses in this situation are objecting to the stealth patching.
>
> Files changed with no notice to users
>
> In recent days, Windows Update (WU) started altering files on users' systems
> without displaying any dialog box to request permission. The only files that
> have been reportedly altered to date are nine small executables on XP and
> nine on Vista that are used by WU itself. Microsoft is patching these files
> silently, even if auto-updates have been disabled on a particular PC.
>
> It's surprising that these files can be changed without the user's
> knowledge. The Automatic Updates dialog box in the Control Panel can be set
> to prevent updates from being installed automatically. However, with
> Microsoft's latest stealth move, updates to the WU executables seem to be
> installed regardless of the settings - without notifying users.
>
> When users launch Windows Update, Microsoft's online service can check the
> version of its executables on the PC and update them if necessary. What's
> unusual is that people are reporting changes in these files although WU
> wasn't authorized to install anything.
>
> This isn't the first time Microsoft has pushed updates out to users who
> prefer to test and install their updates manually. Not long ago, another
> Windows component, svchost.exe, was causing problems with Windows Update, as
> last reported on June 21 in the Windows Secrets Newsletter. In that case,
> however, the Windows Update site notified users that updated software had to
> be installed before the patching process could proceed. This time, such a
> notice never appears.
>
> For users who elect not to have updates installed automatically, the issue
> of consent is crucial. Microsoft has apparently decided, however, that it
> doesn't need permission to patch Windows Updates files, even if you've set
> your preferences to require it.
>
> Microsoft provides no tech information - yet
>
> To make matters even stranger, a search on Microsoft's Web site reveals no
> information at all on the stealth updates. Let's say you wished to
> voluntarily download and install the new WU executable files when you were,
> for example, reinstalling a system. You'd be hard-pressed to find the
> updated files in order to download them. At this writing, you either get a
> stealth install or nothing.
>
> A few Web forums have already started to discuss the updated files, which
> bear the version number 7.0.6000.381. The only explanation found at
> Microsoft's site comes from a user identified as Dean-Dean on a Microsoft
> Communities forum. In reply to a question, he states:
>
> "Windows Update Software 7.0.6000.381 is an update to Windows Update itself.
> It is an update for both Windows XP and Windows Vista. Unless the update is
> installed, Windows Update won't work, at least in terms of searching for
> further updates. Normal use of Windows Update, in other words, is blocked
> until this update is installed."
>
> Windows Secrets contributing editor Susan Bradley contacted Microsoft
> Partner Support about the update and received this short reply:
>
> "7.0.6000.381 is a consumer only release that addresses some specific issues
> found after .374 was released. It will not be available via WSUS [Windows
> Server Update Services]. A standalone installer and the redist will be
> available soon, I will keep an eye on it and notify you when it is
> available."
>
> Unfortunately, this reply does not explain why the stealth patching began
> with so little information provided to customers. Nor does it provide any
> details on the "specific issues" that the update supposedly addresses.
>
> System logs confirm stealth installs
>
> In his forum post, Dean-Dean names several files that are changed on XP and
> Vista. The patching process updates several Windows\System32 executables
> (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381,
> according to the post.
>
> In Vista, the following files are updated:
>
> 1. wuapi.dll
> 2. wuapp.exe
> 3. wuauclt.exe
> 4. wuaueng.dll
> 5. wucltux.dll
> 6. wudriver.dll
> 7. wups.dll
> 8. wups2.dll
> 9. wuwebv.dll
>
> In XP, the following files are updated:
>
> 1. cdm.dll
> 2. wuapi.dll
> 3. wuauclt.exe
> 4. wuaucpl.cpl
> 5. wuaueng.dll
> 6. wucltui.dll
> 7. wups.dll
> 8. wups2.dll
> 9. wuweb.dll
>
> These files are by no means viruses, and Microsoft appears to have no
> malicious intent in patching them. However, writing files to a user's PC
> without notice (when auto-updating has been turned off) is behavior that's
> usually associated with hacker Web sites. The question being raised in
> discussion forums is, "Why is Microsoft operating in this way?"
>
> How to check which version your PC has
>
> If a system has been patched in the past few months, the nine executables in
> Windows\System32 will either show an earlier version number, 7.0.6000.374,
> or the stealth patch: 7.0.6000.381. (The version numbers can be seen by
> right-clicking a file and choosing Properties. In XP, click the Version tab
> and then select File Version. In Vista, click the Details tab.)
>
> In addition, PCs that received the update will have new executables in
> subfolders named 7.0.6000.381 under the following folders:
>
> c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
> c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
>
> Users can also verify whether patching occurred by checking Windows' Event
> Log:
>
> Step 1. In XP, click Start, Run.
>
> Step 2. Type eventvwr.msc and press Enter.
>
> Step 3. In the tree pane on the left, select System.
>
> Step 4. The right pane displays events and several details about them. Event
> types such as "Installation" are labeled in the Category column. "Windows
> Update Agent" is the event typically listed in the Source column for system
> patches.
>
> On systems that were checked recently by Windows Secrets readers, the Event
> Log shows two installation events on Aug. 24. The files were stealth-updated
> in the early morning hours. (The time stamp will vary, of course, on
> machines that received the patch on other dates.)
>
> To investigate further, you can open the Event Log's properties for each
> event. Normally, when a Windows update event occurs, the properties dialog
> box shows an associated KB number, enabling you to find more information at
> Microsoft's Web site. Mysteriously, no KB number is given for the WU updates
> that began in August. The description merely reads, "Installation
> Successful: Windows successfully installed the following update: Automatic
> Updates."
>
> No need to roll back the updated files
>
> Again, it's important to note that there's nothing harmful about the updated
> files themselves. There are no reports of software conflicts and no reason
> to remove the files (which WU apparently needs in order to access the latest
> patches). The only concern is the mechanism Microsoft is using to perform
> its patching, and how this mechanism might be used by the software giant in
> the future.
>
> I'd like to thank reader Angus Scott-Fleming for his help in researching
> this topic. He recommends that advanced Windows users monitor changes to
> their systems' Registry settings via a free program by Olivier Lombart
> called Tiny Watcher. Scott-Fleming will receive a gift certificate for a
> book, CD, or DVD of his choice for sending in a comment we printed.
>
> I'll report further on this story when I'm able to find more information on
> the policies and techniques behind Windows Update's silent patches. Send me
> your tips on this subject via the Windows Secrets contact page.
>
> Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also
> a contributing editor of PC World Magazine, where he has written a monthly
> column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit)
> with Jesse Berst and Charles Bermant.
 
Re: Microsoft updates Windows without users' consent

Tim,

I agree with you. I'm surprised MS hasn't put a printed copy of the EULA
right with the software in such a way that in order to use the software the
user would *have* to at least see there is a piece of paper there. Whether
they choose to read it or not is for another thread.

I honestly don't understand all the *itching about MS, and their products.
If you don't like their products, policies, etc., go somewhere else. Nobody
is forcing anyone to "buy" MS products or policies.

And before anyone asks, I'm not "an *ss-kissing MVP" either!

--
HTH,
Curt

Windows Support Center
www.aumha.org
Practically Nerded,...
http://dundats.mvps.org/Index.htm

"Tim Slattery" <Slattery_T@bls.gov> wrote in message
news:ic6je3hr0aqntredv5his1onh2rk9ckq4d@4ax.com...
| Bruce Chambers <bchambers@cable0ne.n3t> wrote:
|
| > Sarcasm aside, I'm glad to see that for once you agree that the EULA
| >does so stipulate and that all users have given their consent. It's not
| >often you let facts get in the way of your rabid anti-Microsoft stance.
|
| "Giving consent" in this context is nebulous. None of us reads every
| EULA we see, we just click the "I agree" button.
|
| And for an operating system's EULA, most people aren't even aware that
| it exists. They open the box, setup their new computer, and turn it
| on. They click any buttons they need to to get through the setup.
|
| --
| Tim Slattery
| MS MVP(DTS)
| Slattery_T@bls.gov
| http://members.cox.net/slatteryt
 
Re: Microsoft updates Windows without users' consent

My guess is reading every EULA with every word is the exception, but some do
it.
I seldom read every word but I attempt to read what I think might be
significant.

However if I would hear of something that seems unusual, I would and have
read more thoroughly to see if there was something I may have missed.

In any case I can hardly blame something I was unaware when it was stated in
a document I chose to partially read or not read.

--
Jupiter Jones [MVP]
Windows Server System - Microsoft Update Services
http://www3.telus.net/dandemar


"Tim Slattery" <Slattery_T@bls.gov> wrote in message
news:8h6je3pst120sa1695sefvapkg985iaad0@4ax.com...
> Do you read every single EULA you run into? Do you have time to do
> anything else?
>
> --
> Tim Slattery
> MS MVP(DTS)
> Slattery_T@bls.gov
> http://members.cox.net/slatteryt
 
Re: Microsoft updates Windows without users' consent

The sky is falling!!

--

Curt

Windows Support Center
www.aumha.org
Practically Nerded,...
http://dundats.mvps.org/Index.htm

"Kevin Brunt (Fat Baztard)" <Kevin.Brunt@MSproducts.com> wrote in message
news:46E9A183.14926934@NEWSGROUPS.COM...
|
| This is just the pratice run. Next time MS will also try disabling any
| systems it thinks is using pirated software!! Watch the space!!!
 
Re: Microsoft updates Windows without users' consent

This is getting to be as bad as all those worried about all the electrons
being wasted by double posting.
"Curt Christianson" <curtchristnsn@NOSPAM.Yahoo.com> wrote in message
news:erfW0Al9HHA.5840@TK2MSFTNGP03.phx.gbl...
> The sky is falling!!
>
> --
>
> Curt
>
> Windows Support Center
> www.aumha.org
> Practically Nerded,...
> http://dundats.mvps.org/Index.htm
>
> "Kevin Brunt (Fat Baztard)" <Kevin.Brunt@MSproducts.com> wrote in message
> news:46E9A183.14926934@NEWSGROUPS.COM...
> |
> | This is just the pratice run. Next time MS will also try disabling any
> | systems it thinks is using pirated software!! Watch the space!!!
>
>
 
Re: Microsoft updates Windows without users' consent

>> "Kevin Brunt (Fat Baztard)" <Kevin.Brunt@MSproducts.com> wrote in message
>> news:46E9A183.14926934@NEWSGROUPS.COM...
>> |
>> | This is just the pratice run. Next time MS will also try disabling any
>> | systems it thinks is using pirated software!! Watch the space!!!


Actually, they already can.

One of the big "improvements" with Vista is that it gives Microsoft the
ability to disable hardware drivers and whole systems that it feels is not
appropriate for use.

In other words, they could detect that you have Alcohol 120% on your system
and shut you down.
 
Re: Microsoft updates Windows without users' consent

Adam Albright wrote:

>
>
> Me anti Microsoft?


Totally!

Hardly as I've said many times I wouldn't be a
> stockholder in a company I don't like.


Don't make me laugh!

I simply wish they would clean
> up their act.


Start with yourself!

What I find fascinating is how fanboys automatically
> stick their heads in the sand and just ignore all the failings in
> Vista and the anti-customer stance Microsoft has had since say one.


Still can't get that one little in place (bad move!) upgrade install of
Vista business to run correctly, huh?
So blame MS for your stupidity and incompetence right?

>
> As far as any EULA, they are like the fine print on insurance polices.
> NOBODY reads them or for that matter could understand half the double
> talk contained there in.
>

Especially a village idiot like you!
Frank
 
Re: Microsoft updates Windows without users' consent

On Thu, 13 Sep 2007 13:46:09 -0600, Bruce Chambers
<bchambers@cable0ne.n3t> wrote:

>Adam Albright wrote:
>>
>>
>> As far as any EULA, they are like the fine print on insurance polices.
>> NOBODY reads them or for that matter could understand half the double
>> talk contained there in.
>>

>
>
> "Nobody?" What planet do you live on? I read every contract I'm asked
>to sign. I seek legal advice for any portions I don't understand.


Sure right, next thing you'll try to tell us is you count the paper
clips in each box to make sure there's a 100 and of course your count
the issues on each roll of toilet paper to be sure there are a 1,000.

>Don't you? Are you saying that the *everyone* is too stupid or too lazy to
>look out for their own interests? And I though I had a dim view of the
>general public.


I have a dim view of FANBODYS because they proved themselves to be
total idiots judging the crap they post to this goofy newsgroup. You
obviously are no exception to that rule.

> Regardless, the signer's not having bothered to read a contract doesn't
>make that contract any less binding.


Hey bub, trying to play attorney now? A EULA technically isn't a
contract and it's legal weight has yet to be tested in the courts.
Again you being just a moronic fanboy immediately accept whatever crap
Microsoft shovels your way as gospel.
>
> Oh, and the Windows EULA is written at what I'd consider an 8th grade
>(A 1960's era American public school 8th grade, that is; probably closer
>to today's high school level, now. Nevertheless the average McDonalds
>burger-flipper should have no trouble with it.) reading level. It's not
>at all confusing to the functionally literate.


Oh please... a document can be written at a fourth grade level and
still be deliberately misleading, vague and contradictory.
 
Re: Microsoft updates Windows without users' consent

Relax, It's Only An Updated Version Of Windows Update, All Other Files Were
Left Unchanged, Just FYI.

"Silicon neuron" <sili@gmail.com> wrote in message
news:46e8fcec@newsgate.x-privat.org...
> http://windowssecrets.com/comp/070913/#story1
>
> By Scott Dunn
>
> Microsoft has begun patching files on Windows XP and Vista without users'
> knowledge, even when the users have turned off auto-updates.
>
> Many companies require testing of patches before they are widely
> installed, and businesses in this situation are objecting to the stealth
> patching.
>
>
> Files changed with no notice to users
>
> In recent days, Windows Update (WU) started altering files on users'
> systems without displaying any dialog box to request permission. The only
> files that have been reportedly altered to date are nine small executables
> on XP and nine on Vista that are used by WU itself. Microsoft is patching
> these files silently, even if auto-updates have been disabled on a
> particular PC.
>
> It's surprising that these files can be changed without the user's
> knowledge. The Automatic Updates dialog box in the Control Panel can be
> set to prevent updates from being installed automatically. However, with
> Microsoft's latest stealth move, updates to the WU executables seem to be
> installed regardless of the settings - without notifying users.
>
> When users launch Windows Update, Microsoft's online service can check the
> version of its executables on the PC and update them if necessary. What's
> unusual is that people are reporting changes in these files although WU
> wasn't authorized to install anything.
>
> This isn't the first time Microsoft has pushed updates out to users who
> prefer to test and install their updates manually. Not long ago, another
> Windows component, svchost.exe, was causing problems with Windows Update,
> as last reported on June 21 in the Windows Secrets Newsletter. In that
> case, however, the Windows Update site notified users that updated
> software had to be installed before the patching process could proceed.
> This time, such a notice never appears.
>
> For users who elect not to have updates installed automatically, the issue
> of consent is crucial. Microsoft has apparently decided, however, that it
> doesn't need permission to patch Windows Updates files, even if you've set
> your preferences to require it.
>
> Microsoft provides no tech information - yet
>
> To make matters even stranger, a search on Microsoft's Web site reveals no
> information at all on the stealth updates. Let's say you wished to
> voluntarily download and install the new WU executable files when you
> were, for example, reinstalling a system. You'd be hard-pressed to find
> the updated files in order to download them. At this writing, you either
> get a stealth install or nothing.
>
> A few Web forums have already started to discuss the updated files, which
> bear the version number 7.0.6000.381. The only explanation found at
> Microsoft's site comes from a user identified as Dean-Dean on a Microsoft
> Communities forum. In reply to a question, he states:
>
> "Windows Update Software 7.0.6000.381 is an update to Windows Update
> itself. It is an update for both Windows XP and Windows Vista. Unless the
> update is installed, Windows Update won't work, at least in terms of
> searching for further updates. Normal use of Windows Update, in other
> words, is blocked until this update is installed."
>
> Windows Secrets contributing editor Susan Bradley contacted Microsoft
> Partner Support about the update and received this short reply:
>
>
> "7.0.6000.381 is a consumer only release that addresses some specific
> issues found after .374 was released. It will not be available via WSUS
> [Windows Server Update Services]. A standalone installer and the redist
> will be available soon, I will keep an eye on it and notify you when it is
> available."
>
> Unfortunately, this reply does not explain why the stealth patching began
> with so little information provided to customers. Nor does it provide any
> details on the "specific issues" that the update supposedly addresses.
>
> System logs confirm stealth installs
>
> In his forum post, Dean-Dean names several files that are changed on XP
> and Vista. The patching process updates several Windows\System32
> executables (with the extensions .exe, .dll, and .cpl) to version
> 7.0.6000.381, according to the post.
>
> In Vista, the following files are updated:
>
> 1. wuapi.dll
> 2. wuapp.exe
> 3. wuauclt.exe
> 4. wuaueng.dll
> 5. wucltux.dll
> 6. wudriver.dll
> 7. wups.dll
> 8. wups2.dll
> 9. wuwebv.dll
>
> In XP, the following files are updated:
>
> 1. cdm.dll
> 2. wuapi.dll
> 3. wuauclt.exe
> 4. wuaucpl.cpl
> 5. wuaueng.dll
> 6. wucltui.dll
> 7. wups.dll
> 8. wups2.dll
> 9. wuweb.dll
>
> These files are by no means viruses, and Microsoft appears to have no
> malicious intent in patching them. However, writing files to a user's PC
> without notice (when auto-updating has been turned off) is behavior that's
> usually associated with hacker Web sites. The question being raised in
> discussion forums is, "Why is Microsoft operating in this way?"
>
> How to check which version your PC has
>
> If a system has been patched in the past few months, the nine executables
> in Windows\System32 will either show an earlier version number,
> 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can
> be seen by right-clicking a file and choosing Properties. In XP, click the
> Version tab and then select File Version. In Vista, click the Details
> tab.)
>
> In addition, PCs that received the update will have new executables in
> subfolders named 7.0.6000.381 under the following folders:
>
> c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
> c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
>
> Users can also verify whether patching occurred by checking Windows' Event
> Log:
>
> Step 1. In XP, click Start, Run.
>
> Step 2. Type eventvwr.msc and press Enter.
>
> Step 3. In the tree pane on the left, select System.
>
> Step 4. The right pane displays events and several details about them.
> Event types such as "Installation" are labeled in the Category column.
> "Windows Update Agent" is the event typically listed in the Source column
> for system patches.
>
> On systems that were checked recently by Windows Secrets readers, the
> Event Log shows two installation events on Aug. 24. The files were
> stealth-updated in the early morning hours. (The time stamp will vary, of
> course, on machines that received the patch on other dates.)
>
> To investigate further, you can open the Event Log's properties for each
> event. Normally, when a Windows update event occurs, the properties dialog
> box shows an associated KB number, enabling you to find more information
> at Microsoft's Web site. Mysteriously, no KB number is given for the WU
> updates that began in August. The description merely reads, "Installation
> Successful: Windows successfully installed the following update: Automatic
> Updates."
>
> No need to roll back the updated files
>
> Again, it's important to note that there's nothing harmful about the
> updated files themselves. There are no reports of software conflicts and
> no reason to remove the files (which WU apparently needs in order to
> access the latest patches). The only concern is the mechanism Microsoft is
> using to perform its patching, and how this mechanism might be used by the
> software giant in the future.
>
> I'd like to thank reader Angus Scott-Fleming for his help in researching
> this topic. He recommends that advanced Windows users monitor changes to
> their systems' Registry settings via a free program by Olivier Lombart
> called Tiny Watcher. Scott-Fleming will receive a gift certificate for a
> book, CD, or DVD of his choice for sending in a comment we printed.
>
> I'll report further on this story when I'm able to find more information
> on the policies and techniques behind Windows Update's silent patches.
> Send me your tips on this subject via the Windows Secrets contact page.
>
> Scott Dunn is associate editor of the Windows Secrets Newsletter. He is
> also a contributing editor of PC World Magazine, where he has written a
> monthly column since 1992, and co-author of 101 Windows Tips & Tricks
> (Peachpit) with Jesse Berst and Charles Bermant.
>
 
Back
Top