A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Windows XP Help and Support
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Microsoft updates Windows without users' consent



 
 
Thread Tools Display Modes
  #166  
Old September 18th 07, 12:39 AM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Frank
external usenet poster
 
Posts: 7
Default Microsoft updates Windows without users' consent

ceed wrote:
Frank wrote:

|ceed wrote:
|
|| Jupiter Jones [MVP] wrote:
||
| |"Mr Gates was the one proclaiming that we would never need more
|than |640kb memory" That is a well known myth with no basis in fact.
||
|| It may be myth or it may not. The jury is still out on that one.
|| There's no written proof that he said it, you are right there. But
||it doesn't turn into a myth because he denies having said it. I
||would have wanted to deny that also..
||
|| Take a look he
||
||
||http://tickletux.wordpress.com/2007/...the-640k-line/
||
|
|
|Well the way the quote is quoted on the referenced URL is:
|
|“640K ought to be enough for anybody”.
|
|Which is vastly different from saying:
|
|"Mr Gates was the one proclaiming that we would never need more than
|640kb memory".
|
|Frank

If you never need more then what you have ought to be enough, right?


hahaha...or we can always be American about...if enough is just
right...then too much has to be better! :-)
Frank
Ads
  #167  
Old September 18th 07, 03:54 AM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Charlie Tame
external usenet poster
 
Posts: 300
Default Microsoft updates Windows without users' consent

Jupiter Jones [MVP] wrote:
Charlie and a few others also have shown they need to stoop to personal
attacks and name calling at times.
A very few other do little else.
Neither of which are necessary or appropriate.
But I guess you accept it and turn away since it suits you.

"...just another Microsoft hyper-shill."
"You may try to fool some of the newer..."
Since I am not attempting to fool you, it is good you are not fooled by
something you imagine.
Not at all trying to fool anyone, but name calling to avoid the issues
seems the thing for a few critics.



You seem to have confused "Name calling" with honesty.

The vast majority of Windows users do not and probably will not read the
EULA at all, at least not all the way through. Of those folks who do
read it many will not understand the finer "Legal" points built into the
wording. Even fewer will read the document with a view to nit picking
the "May be nefarious" passages from it, yet it seems that is the only
way to go. To read the EULA several times with the thought in mind "How
does this wording mean Microsoft can screw me?"

I don't suggest for one moment that is Microsoft's "Intent", merely that
if we take your view of the agreement we must read in that manner.

Else we take things at face value, and believing Microsoft to be, in
general, a reputable company we do tend to take things at face value.

In use, the "Settings" appear to mean you have 3 choices, Download and
install Updates, Download and ask, Download nothing until specifically
requested. There is nothing in that dialog to suggest other "Updates" or
communication of any kind.

There are notes in various places on the MS websites to the effect that
users with special needs (For example System Admins who need to test on
lab machines first) may prefer to turn auto updates off. This is a
sensible precaution for both MS and the Admin to take. I have yet to see
anything suggesting that this in fact does not stop all updates, and yet
the subject of MS Auto Updates has long been an issue discussed with
"Privacy" concerns in mind. MS even go to the trouble of stating that
they respect privacy and no identifiable information is "Intentionally"
collected. From this we can reliably conclude that MS can make
themselves aware of user privacy concerns WRT network traffic and
actually do make themselves aware of those concerns. It requires no
great leap of imagination to deduce that user concerns about what is
going out to MS would be equally valid WRT what is coming in...

Also, whatever the real intent behind this mechanism is, one must ask
the question why, when the update system already identifies when the
update system itself needs updating, MS chose to do this stealthily. The
updates do not appear to be "Security" related, in which case I could
understand MS having a desire to "Push" updates to cover some really
drastic security flaw. Maybe it would still be wrong, but it would be
"Understandable".

It has been suggested that for "Update" to update itself would be like
trying to change the oil in a vehicle whilst driving it, or something
similar to that. This is nonsense, all that would be necessary in that
case is a download followed by a system restart to do the install. This
happens all the time when drivers and other things demand it. In any
case I see no reason for even that to be necessary.

So this warrants an explanation from Microsoft and soon, because without
such their entire "Trustworthy Computing" flagship will become their
Titanic. This comes at an even worse time with three letter agencies
being suspected of planting "Trojans" and various other data collection
systems on machines. The fact here is that to persuade the open source
community to do such would require an awful lot of "Bought silence" from
an awful lot of people. For a corporation like MS it would take very few
yet at the same time cover 80-90% of the computers in use.

IMHO (and that is all it is) MS have to offer some explanation other
than "It's in the contract" or they present themselves as a huge target
for criticism, rumors and loss of future business. No animosity involved
whatsoever, they simply need to explain this, EULA or not, because it is
(or at least seems) to be quite unnecessary.
  #168  
Old September 18th 07, 05:44 AM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Jupiter Jones [MVP]
external usenet poster
 
Posts: 55
Default Microsoft updates Windows without users' consent

"You seem to have confused "Name calling" with honesty"
Not at all an unexpected excuse to justify a need for name calling while
ignoring the issues.
It has no place with those secure in their positions and desiring to keep on
topic.

"...if we take your view of the agreement we must read..."
That is not what I said.
However if there are concerns as there are for some now, then they need to
reread the applicable parts to see what was actually agreed.
In this respect, it is no different than other agreements.
People may skim over initially, but they are still responsible for what
initially missed.
If a contract is clear from a legal standpoint, it is irrelevant if the
person did not read thoroughly if they had the chance.

There are two issues:
1. What is legal
For this I believe the license covers it and there is little that anyone can
do from a legal standpoint.
2. What is right with their customers interests.
This is where trust is made and lost because it goes beyond legality.
It is based on trust based at least partly on a customers understanding
based on several things such as a quick view of the license, what is said by
the company and other sources.


"...appear to mean you have 3 choices..."
And I addressed this in another post in which your response was little more
than an attack.
That seems to be covered in the license even though it is not what you,
myself or others like.
Trust with Microsoft/Windows update has been brought up before and it will
again, your previous attack not withstanding.
Similar as you can in your Product Group at Microsoft with your contacts.

Now, are you making your opinion heard at Microsoft or are you simply
complaining here where there is no expectation or requirement that Microsoft
get your message?

--
Jupiter Jones [MVP]
Windows Server System - Microsoft Update Services
http://www3.telus.net/dandemar


"Charlie Tame" wrote in message
...
You seem to have confused "Name calling" with honesty.

The vast majority of Windows users do not and probably will not read the
EULA at all, at least not all the way through. Of those folks who do read
it many will not understand the finer "Legal" points built into the
wording. Even fewer will read the document with a view to nit picking the
"May be nefarious" passages from it, yet it seems that is the only way to
go. To read the EULA several times with the thought in mind "How does this
wording mean Microsoft can screw me?"

I don't suggest for one moment that is Microsoft's "Intent", merely that
if we take your view of the agreement we must read in that manner.

Else we take things at face value, and believing Microsoft to be, in
general, a reputable company we do tend to take things at face value.

In use, the "Settings" appear to mean you have 3 choices, Download and
install Updates, Download and ask, Download nothing until specifically
requested. There is nothing in that dialog to suggest other "Updates" or
communication of any kind.

There are notes in various places on the MS websites to the effect that
users with special needs (For example System Admins who need to test on
lab machines first) may prefer to turn auto updates off. This is a
sensible precaution for both MS and the Admin to take. I have yet to see
anything suggesting that this in fact does not stop all updates, and yet
the subject of MS Auto Updates has long been an issue discussed with
"Privacy" concerns in mind. MS even go to the trouble of stating that they
respect privacy and no identifiable information is "Intentionally"
collected. From this we can reliably conclude that MS can make themselves
aware of user privacy concerns WRT network traffic and actually do make
themselves aware of those concerns. It requires no great leap of
imagination to deduce that user concerns about what is going out to MS
would be equally valid WRT what is coming in...

Also, whatever the real intent behind this mechanism is, one must ask the
question why, when the update system already identifies when the update
system itself needs updating, MS chose to do this stealthily. The updates
do not appear to be "Security" related, in which case I could understand
MS having a desire to "Push" updates to cover some really drastic security
flaw. Maybe it would still be wrong, but it would be "Understandable".

It has been suggested that for "Update" to update itself would be like
trying to change the oil in a vehicle whilst driving it, or something
similar to that. This is nonsense, all that would be necessary in that
case is a download followed by a system restart to do the install. This
happens all the time when drivers and other things demand it. In any case
I see no reason for even that to be necessary.

So this warrants an explanation from Microsoft and soon, because without
such their entire "Trustworthy Computing" flagship will become their
Titanic. This comes at an even worse time with three letter agencies being
suspected of planting "Trojans" and various other data collection systems
on machines. The fact here is that to persuade the open source community
to do such would require an awful lot of "Bought silence" from an awful
lot of people. For a corporation like MS it would take very few yet at the
same time cover 80-90% of the computers in use.

IMHO (and that is all it is) MS have to offer some explanation other than
"It's in the contract" or they present themselves as a huge target for
criticism, rumors and loss of future business. No animosity involved
whatsoever, they simply need to explain this, EULA or not, because it is
(or at least seems) to be quite unnecessary.


  #169  
Old September 18th 07, 07:34 AM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
~greg
external usenet poster
 
Posts: 13
Default Microsoft updates Windows without users' consent


"PA Bear"
Then perhaps you should take the time to read the entire thread. Is our time less valuable than yours?



definitely.




  #170  
Old September 18th 07, 02:47 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
John John
external usenet poster
 
Posts: 3,149
Default Microsoft updates Windows without users' consent

The contract would still be invalid regardless of what exceptions were
written in it, it would be an illegal contract. Try assisted suicide
and see how many fancy agreements and lawyers got around that one.
Plain and simply the law states that you cannot write up contracts that
violate applicable laws, if it were otherwise there would in fact be no law.

John

Bob I wrote:

Unless of course there is an exception to the "loan sharking" law that
says if you have the document notarized then it is ok to charge rates
above 60%. Carefully read the exemptions, as it isn't black and white,
and the "illegal" part isn't necessarily there.

John John wrote:

I have not really followed the discussion and I am not commenting on
the EULA legalities. But...

An interesting fact in law is that you cannot have someone sign an
agreement to circumvent applicable laws and then claim indemnity. For
example, charging interest rates above a certain amount is illegal
(loansharking). Let's say the that rates above 60% P.A. are illegal.
If you loan me money and tell me outright upfront that you will charge
me 120% interest, and if I sign the loan agreement and accept your
terms, you are still guilty of loansharking and if I were to take you
to court you would lose. Even if I signed and accepted your contract
you would still lose because the contract violates the law, it is an
illegal contract.

John

Jupiter Jones [MVP] wrote:

As has been pointed out, paragraph 7 in the agreement.
If you accepted the agreement which is necessary for use, you have
already agreed to and been notified even though notification may not
have been what customers want.


  #171  
Old September 18th 07, 03:39 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Bob I
external usenet poster
 
Posts: 9,943
Default Microsoft updates Windows without users' consent

The "issue" is how the law is written, IF the law provides for
EXCEPTIONS then there are circumstances where the "law" is not violated.
Pure and simple. Just like you "can't violate the overtime law" except
for the stated exception if a bargaining sets up a contract to do it
differently. It's the law that provided for the exception.

John John wrote:

The contract would still be invalid regardless of what exceptions were
written in it, it would be an illegal contract. Try assisted suicide
and see how many fancy agreements and lawyers got around that one. Plain
and simply the law states that you cannot write up contracts that
violate applicable laws, if it were otherwise there would in fact be no
law.

John

Bob I wrote:

Unless of course there is an exception to the "loan sharking" law that
says if you have the document notarized then it is ok to charge rates
above 60%. Carefully read the exemptions, as it isn't black and white,
and the "illegal" part isn't necessarily there.

John John wrote:

I have not really followed the discussion and I am not commenting on
the EULA legalities. But...

An interesting fact in law is that you cannot have someone sign an
agreement to circumvent applicable laws and then claim indemnity.
For example, charging interest rates above a certain amount is
illegal (loansharking). Let's say the that rates above 60% P.A. are
illegal. If you loan me money and tell me outright upfront that you
will charge me 120% interest, and if I sign the loan agreement and
accept your terms, you are still guilty of loansharking and if I were
to take you to court you would lose. Even if I signed and accepted
your contract you would still lose because the contract violates the
law, it is an illegal contract.

John

Jupiter Jones [MVP] wrote:

As has been pointed out, paragraph 7 in the agreement.
If you accepted the agreement which is necessary for use, you have
already agreed to and been notified even though notification may not
have been what customers want.



  #172  
Old September 18th 07, 05:58 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Adam Albright
external usenet poster
 
Posts: 237
Default Microsoft updates Windows without users' consent

On Tue, 18 Sep 2007 09:39:49 -0500, Bob I wrote:

The "issue" is how the law is written, IF the law provides for
EXCEPTIONS then there are circumstances where the "law" is not violated.
Pure and simple. Just like you "can't violate the overtime law" except
for the stated exception if a bargaining sets up a contract to do it
differently. It's the law that provided for the exception.


Actually it depends only on how the law in interrupted BY the court
system, IF it ever gets that far. Of course parties having legal
disputes may and often do settle contractual disputes out of court.

Limiting the discussion just to United States interpretation there are
three broad standards. Criminal law, Civil law and Common law.
Criminal law sets up a bunch of "laws", look at them as "rules" that
state what a "crime" is and the punishment for it IF the accused is
found guilty. Those found guilty of some criminal offense may be
subject to incarceration, meaning some length of time is generally
served for their offense within either the federal system if a federal
law is broken or in the state system if some state law is broken.

Read slowly: Common law tends to draw abstract rules from specific
cases, which becomes case law, whereas civil law starts with abstract
rules which judges must then apply to the various cases before them.
Punishment, if found guilty rarely results in prison time and usually
results in some monetary punishment in the form of fines.

Some may be shocked to learn much of present day's civil law is based
on ancient Egyptian law from many thousands of years ago which the
ancient Romans adopted and modified that were further adopted
throughout Europe and pretty much remained unchanged through the 18th
century.

Then a process call Codification began to change the legal landscape.
This new process is where some enity, ie a Government in a democracy
restates and refines the "law" resulting as in the United States as
some act of Congress, creating some federal statutes. The official
codification of Federal statutes is called the United States Code.
This "code" is divided into "titles" numbered 1 through 50. Title 18
for example contains many of the Federal criminal statutes. This
process is based on The Corpus Juris Civilis a collection of
fundamental works in jurisprudence, issued during the years 529 to 534
by order of Justinian I, Byzantine Emperor.

The US Code is very complex and lengthy:

http://www.gpoaccess.gov/uscode/browse.html

Another difference between common and civil law is civil law is
historically common law developed by custom, beginning before there
were any written laws and continuing to be applied by courts after
there were written laws, whereas civil law developed out of Roman law.

The difference between civil law and common law isn't limited to
codification, but in the approach taken to codes and statutes. In
civil law countries like the United States, legislation is always
written by some governmental body, (at the federal level, Congress)
which is seen as the primary source of federal law while each state
legislature has the same task for writing state laws. Ditto for local
governments where some governmental body proposes and creates "law"
more commonly called an ordinance; some authoritative decree or
direction, again having roots in Roman times.

By default, courts thus base their judgments on the provisions of
codes and statutes, from which solutions in particular cases are to be
derived. Courts therefore have to reason extensively on the basis of
general rules and principles of the code, often drawing analogies from
statutory provisions to fill in the blanks and to achieve coherence.
By contrast, in the common law system, cases are the primary source of
law, while statutes are only seen as incursions into the common law
and thus interpreted narrowly.

My point of all this long winded flowerily language is to remind those
that think anything in any "legal" written document such as a contract
or Microsoft's EULA is absolute and binding are sadly mistaken and in
for a rude shock IF any provision is tested within the court system.
Often many contractual clauses fail to pass the smell test and will
accordingly be thrown out by the courts. I've seen it happen many
times, so sorry, I must snicker when I see the fanboy crowd making
reference to the EULA and pretending it trumps everything else. Not
even close.













John John wrote:

The contract would still be invalid regardless of what exceptions were
written in it, it would be an illegal contract. Try assisted suicide
and see how many fancy agreements and lawyers got around that one. Plain
and simply the law states that you cannot write up contracts that
violate applicable laws, if it were otherwise there would in fact be no
law.

John

Bob I wrote:

Unless of course there is an exception to the "loan sharking" law that
says if you have the document notarized then it is ok to charge rates
above 60%. Carefully read the exemptions, as it isn't black and white,
and the "illegal" part isn't necessarily there.

John John wrote:

I have not really followed the discussion and I am not commenting on
the EULA legalities. But...

An interesting fact in law is that you cannot have someone sign an
agreement to circumvent applicable laws and then claim indemnity.
For example, charging interest rates above a certain amount is
illegal (loansharking). Let's say the that rates above 60% P.A. are
illegal. If you loan me money and tell me outright upfront that you
will charge me 120% interest, and if I sign the loan agreement and
accept your terms, you are still guilty of loansharking and if I were
to take you to court you would lose. Even if I signed and accepted
your contract you would still lose because the contract violates the
law, it is an illegal contract.

John

Jupiter Jones [MVP] wrote:

As has been pointed out, paragraph 7 in the agreement.
If you accepted the agreement which is necessary for use, you have
already agreed to and been notified even though notification may not
have been what customers want.



  #173  
Old September 18th 07, 06:42 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
PA Bear
external usenet poster
 
Posts: 2,534
Default Microsoft updates Windows without users' consent

~greg wrote:
"PA Bear"
Then perhaps you should take the time to read the entire thread. Is our
time less valuable than yours?

definitely.


Take a hike. plonk


  #174  
Old September 22nd 07, 11:00 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
No_Name
external usenet poster
 
Posts: 8
Default Microsoft updates Windows without users' consent

John John posted to
microsoft.public.windows.vista.general:

The contract would still be invalid regardless of what exceptions
were
written in it, it would be an illegal contract. Try assisted
suicide and see how many fancy agreements and lawyers got around
that one. Plain and simply the law states that you cannot write up
contracts that violate applicable laws, if it were otherwise there
would in fact be no law.

John

Bob I wrote:

Unless of course there is an exception to the "loan sharking" law
that says if you have the document notarized then it is ok to
charge rates above 60%. Carefully read the exemptions, as it isn't
black and white, and the "illegal" part isn't necessarily there.

John John wrote:

I have not really followed the discussion and I am not commenting
on
the EULA legalities. But...

An interesting fact in law is that you cannot have someone sign an
agreement to circumvent applicable laws and then claim indemnity.
For example, charging interest rates above a certain amount is
illegal
(loansharking). Let's say the that rates above 60% P.A. are
illegal. If you loan me money and tell me outright upfront that
you will charge me 120% interest, and if I sign the loan agreement
and accept your terms, you are still guilty of loansharking and if
I were to take you
to court you would lose. Even if I signed and accepted your
contract you would still lose because the contract violates the
law, it is an illegal contract.

John

Jupiter Jones [MVP] wrote:

As has been pointed out, paragraph 7 in the agreement.
If you accepted the agreement which is necessary for use, you
have already agreed to and been notified even though notification
may not have been what customers want.



Then you have really avoided the some of the lessons of "The Wild
West" (sm). Where there is not or cannot be reliable enforcement
there is no law, regardless of what is passed my legislatures,
regulators, etc. WTF do you think all the DRM bruhaha is all about?


  #175  
Old November 8th 07, 04:15 PM posted to microsoft.public.windows.vista.general,microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support
Asher_N
external usenet poster
 
Posts: 14
Default Microsoft updates Windows without users' consent

"ceed" wrote in
:

Frank wrote:

|ceed wrote:
|
|| Jupiter Jones [MVP] wrote:
||
| |"Mr Gates was the one proclaiming that we would never need more
|than |640kb memory" That is a well known myth with no basis in fact.
||
|| It may be myth or it may not. The jury is still out on that one.
|| There's no written proof that he said it, you are right there. But
||it doesn't turn into a myth because he denies having said it. I
||would have wanted to deny that also..
||
|| Take a look he
||
||
||http://tickletux.wordpress.com/2007/...-say-the-640k-
||line/
||
|
|
|Well the way the quote is quoted on the referenced URL is:
|
|“640K ought to be enough for anybody”.
|
|Which is vastly different from saying:
|
|"Mr Gates was the one proclaiming that we would never need more than
|640kb memory".
|
|Frank

If you never need more then what you have ought to be enough, right?



The first is in context with the design and expectations at the time.
Given the 8086 proc, and IBM's prediction that they would sell about
250,000 of those new compuyers, the first quote is accurate.
  #176  
Old February 4th 08, 06:20 PM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windows.vista.general
Kerry
external usenet poster
 
Posts: 15
Default Microsoft updates Windows without users' consent

I am unable to open .msi & .msu files. I do not have a secretly update
version of windows\system32
i would like to know what to install so as to open these files. (I have
registry booster 2. no help)

"Silicon neuron" wrote:

http://windowssecrets.com/comp/070913/#story1

By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users'
knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed,
and businesses in this situation are objecting to the stealth patching.


Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems
without displaying any dialog box to request permission. The only files that
have been reportedly altered to date are nine small executables on XP and
nine on Vista that are used by WU itself. Microsoft is patching these files
silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's
knowledge. The Automatic Updates dialog box in the Control Panel can be set
to prevent updates from being installed automatically. However, with
Microsoft's latest stealth move, updates to the WU executables seem to be
installed regardless of the settings - without notifying users.

When users launch Windows Update, Microsoft's online service can check the
version of its executables on the PC and update them if necessary. What's
unusual is that people are reporting changes in these files although WU
wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who
prefer to test and install their updates manually. Not long ago, another
Windows component, svchost.exe, was causing problems with Windows Update, as
last reported on June 21 in the Windows Secrets Newsletter. In that case,
however, the Windows Update site notified users that updated software had to
be installed before the patching process could proceed. This time, such a
notice never appears.

For users who elect not to have updates installed automatically, the issue
of consent is crucial. Microsoft has apparently decided, however, that it
doesn't need permission to patch Windows Updates files, even if you've set
your preferences to require it.

Microsoft provides no tech information - yet

To make matters even stranger, a search on Microsoft's Web site reveals no
information at all on the stealth updates. Let's say you wished to
voluntarily download and install the new WU executable files when you were,
for example, reinstalling a system. You'd be hard-pressed to find the
updated files in order to download them. At this writing, you either get a
stealth install or nothing.

A few Web forums have already started to discuss the updated files, which
bear the version number 7.0.6000.381. The only explanation found at
Microsoft's site comes from a user identified as Dean-Dean on a Microsoft
Communities forum. In reply to a question, he states:

"Windows Update Software 7.0.6000.381 is an update to Windows Update itself.
It is an update for both Windows XP and Windows Vista. Unless the update is
installed, Windows Update won't work, at least in terms of searching for
further updates. Normal use of Windows Update, in other words, is blocked
until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft
Partner Support about the update and received this short reply:


"7.0.6000.381 is a consumer only release that addresses some specific issues
found after .374 was released. It will not be available via WSUS [Windows
Server Update Services]. A standalone installer and the redist will be
available soon, I will keep an eye on it and notify you when it is
available."

Unfortunately, this reply does not explain why the stealth patching began
with so little information provided to customers. Nor does it provide any
details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and
Vista. The patching process updates several Windows\System32 executables
(with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381,
according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no
malicious intent in patching them. However, writing files to a user's PC
without notice (when auto-updating has been turned off) is behavior that's
usually associated with hacker Web sites. The question being raised in
discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in
Windows\System32 will either show an earlier version number, 7.0.6000.374,
or the stealth patch: 7.0.6000.381. (The version numbers can be seen by
right-clicking a file and choosing Properties. In XP, click the Version tab
and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in
subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\Ser viceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\Ser viceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event
Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event
types such as "Installation" are labeled in the Category column. "Windows
Update Agent" is the event typically listed in the Source column for system
patches.

On systems that were checked recently by Windows Secrets readers, the Event
Log shows two installation events on Aug. 24. The files were stealth-updated
in the early morning hours. (The time stamp will vary, of course, on
machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each
event. Normally, when a Windows update event occurs, the properties dialog
box shows an associated KB number, enabling you to find more information at
Microsoft's Web site. Mysteriously, no KB number is given for the WU updates
that began in August. The description merely reads, "Installation
Successful: Windows successfully installed the following update: Automatic
Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated
files themselves. There are no reports of software conflicts and no reason
to remove the files (which WU apparently needs in order to access the latest
patches). The only concern is the mechanism Microsoft is using to perform
its patching, and how this mechanism might be used by the software giant in
the future.

I'd like to thank reader Angus Scott-Fleming for his help in researching
this topic. He recommends that advanced Windows users monitor changes to
their systems' Registry settings via a free program by Olivier Lombart
called Tiny Watcher. Scott-Fleming will receive a gift certificate for a
book, CD, or DVD of his choice for sending in a comment we printed.

I'll report further on this story when I'm able to find more information on
the policies and techniques behind Windows Update's silent patches. Send me
your tips on this subject via the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also
a contributing editor of PC World Magazine, where he has written a monthly
column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit)
with Jesse Berst and Charles Bermant.



  #177  
Old February 10th 08, 05:23 PM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windows.vista.general
marsha
external usenet poster
 
Posts: 7
Default Microsoft updates Windows without users' consent

Hello,
I have read this post and I am concerned that this Microsoft Stealth
update is the reason I can not get my two software video editing programs to
burn onto disks.
I use Photo Show and Pinnacle video editing software. Neither one will
burn onto disks since this Stealth update occured.
I spoke with a gentleman that has used Pinnacle since it's infancy and
the software has always worked. He can not burn either. The program will
create projects but will not burn. Is this Microsofts way of controlling
what we do in our homes? I do not resell these projects. I want to be able
to use this software. There are others using Pinnacle that have the same
problem. How can Pinnacle stay in business with this happening?
Is there some way to resolve this issue?
Thank you.

"Silicon neuron" wrote:

http://windowssecrets.com/comp/070913/#story1

By Scott Dunn

Microsoft has begun patching files on Windows XP and Vista without users'
knowledge, even when the users have turned off auto-updates.

Many companies require testing of patches before they are widely installed,
and businesses in this situation are objecting to the stealth patching.


Files changed with no notice to users

In recent days, Windows Update (WU) started altering files on users' systems
without displaying any dialog box to request permission. The only files that
have been reportedly altered to date are nine small executables on XP and
nine on Vista that are used by WU itself. Microsoft is patching these files
silently, even if auto-updates have been disabled on a particular PC.

It's surprising that these files can be changed without the user's
knowledge. The Automatic Updates dialog box in the Control Panel can be set
to prevent updates from being installed automatically. However, with
Microsoft's latest stealth move, updates to the WU executables seem to be
installed regardless of the settings - without notifying users.

When users launch Windows Update, Microsoft's online service can check the
version of its executables on the PC and update them if necessary. What's
unusual is that people are reporting changes in these files although WU
wasn't authorized to install anything.

This isn't the first time Microsoft has pushed updates out to users who
prefer to test and install their updates manually. Not long ago, another
Windows component, svchost.exe, was causing problems with Windows Update, as
last reported on June 21 in the Windows Secrets Newsletter. In that case,
however, the Windows Update site notified users that updated software had to
be installed before the patching process could proceed. This time, such a
notice never appears.

For users who elect not to have updates installed automatically, the issue
of consent is crucial. Microsoft has apparently decided, however, that it
doesn't need permission to patch Windows Updates files, even if you've set
your preferences to require it.

Microsoft provides no tech information - yet

To make matters even stranger, a search on Microsoft's Web site reveals no
information at all on the stealth updates. Let's say you wished to
voluntarily download and install the new WU executable files when you were,
for example, reinstalling a system. You'd be hard-pressed to find the
updated files in order to download them. At this writing, you either get a
stealth install or nothing.

A few Web forums have already started to discuss the updated files, which
bear the version number 7.0.6000.381. The only explanation found at
Microsoft's site comes from a user identified as Dean-Dean on a Microsoft
Communities forum. In reply to a question, he states:

"Windows Update Software 7.0.6000.381 is an update to Windows Update itself.
It is an update for both Windows XP and Windows Vista. Unless the update is
installed, Windows Update won't work, at least in terms of searching for
further updates. Normal use of Windows Update, in other words, is blocked
until this update is installed."

Windows Secrets contributing editor Susan Bradley contacted Microsoft
Partner Support about the update and received this short reply:


"7.0.6000.381 is a consumer only release that addresses some specific issues
found after .374 was released. It will not be available via WSUS [Windows
Server Update Services]. A standalone installer and the redist will be
available soon, I will keep an eye on it and notify you when it is
available."

Unfortunately, this reply does not explain why the stealth patching began
with so little information provided to customers. Nor does it provide any
details on the "specific issues" that the update supposedly addresses.

System logs confirm stealth installs

In his forum post, Dean-Dean names several files that are changed on XP and
Vista. The patching process updates several Windows\System32 executables
(with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381,
according to the post.

In Vista, the following files are updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

In XP, the following files are updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

These files are by no means viruses, and Microsoft appears to have no
malicious intent in patching them. However, writing files to a user's PC
without notice (when auto-updating has been turned off) is behavior that's
usually associated with hacker Web sites. The question being raised in
discussion forums is, "Why is Microsoft operating in this way?"

How to check which version your PC has

If a system has been patched in the past few months, the nine executables in
Windows\System32 will either show an earlier version number, 7.0.6000.374,
or the stealth patch: 7.0.6000.381. (The version numbers can be seen by
right-clicking a file and choosing Properties. In XP, click the Version tab
and then select File Version. In Vista, click the Details tab.)

In addition, PCs that received the update will have new executables in
subfolders named 7.0.6000.381 under the following folders:

c:\Windows\System32\SoftwareDistribution\Setup\Ser viceStartup\wups.dll
c:\Windows\System32\SoftwareDistribution\Setup\Ser viceStartup\wups2.dll

Users can also verify whether patching occurred by checking Windows' Event
Log:

Step 1. In XP, click Start, Run.

Step 2. Type eventvwr.msc and press Enter.

Step 3. In the tree pane on the left, select System.

Step 4. The right pane displays events and several details about them. Event
types such as "Installation" are labeled in the Category column. "Windows
Update Agent" is the event typically listed in the Source column for system
patches.

On systems that were checked recently by Windows Secrets readers, the Event
Log shows two installation events on Aug. 24. The files were stealth-updated
in the early morning hours. (The time stamp will vary, of course, on
machines that received the patch on other dates.)

To investigate further, you can open the Event Log's properties for each
event. Normally, when a Windows update event occurs, the properties dialog
box shows an associated KB number, enabling you to find more information at
Microsoft's Web site. Mysteriously, no KB number is given for the WU updates
that began in August. The description merely reads, "Installation
Successful: Windows successfully installed the following update: Automatic
Updates."

No need to roll back the updated files

Again, it's important to note that there's nothing harmful about the updated
files themselves. There are no reports of software conflicts and no reason
to remove the files (which WU apparently needs in order to access the latest
patches). The only concern is the mechanism Microsoft is using to perform
its patching, and how this mechanism might be used by the software giant in
the future.

I'd like to thank reader Angus Scott-Fleming for his help in researching
this topic. He recommends that advanced Windows users monitor changes to
their systems' Registry settings via a free program by Olivier Lombart
called Tiny Watcher. Scott-Fleming will receive a gift certificate for a
book, CD, or DVD of his choice for sending in a comment we printed.

I'll report further on this story when I'm able to find more information on
the policies and techniques behind Windows Update's silent patches. Send me
your tips on this subject via the Windows Secrets contact page.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He is also
a contributing editor of PC World Magazine, where he has written a monthly
column since 1992, and co-author of 101 Windows Tips & Tricks (Peachpit)
with Jesse Berst and Charles Bermant.



  #178  
Old February 11th 08, 07:33 AM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windows.vista.general
Holz
external usenet poster
 
Posts: 103
Default Microsoft updates Windows without users' consent

Marsha wrote:

Is there some way to resolve this issue?

No.
Microsoft is going towards a subscription model, they will control
everything in your PC.
--
:-)
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 01:44 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.