Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Installs New Software Without Permission

kdawson posted more than 6 years ago | from the slipperiest-of-slopes dept.

Microsoft 760

Futurepower(R) writes "Even though I have Automatic Updates turned off, on August 28, 2007, between 3:49 and 3:51 AM PDT, Microsoft installed new files on my Windows XP computer." Nine files are updated on Vista and on XP SP1, a different set of on each, relating to Windows Update itself. Microsoft-watch.com's Joe Wilcox and ZDnet's Adrian Kingsley-Hughes confirm the stealth update.

cancel ×

760 comments

Kathleen Malda's Excellent Adventure (-1, Troll)

Anonymous Coward | more than 6 years ago | (#20586583)

After making them perform for us by dirty dancing, kissing together with their tongues, running their hands all over each other's bodies and doing a sexy striptease, we made them lay down on a table and do sixtynine while we fondled and squeezed their young bodies. Annalindy was lying on her back with her legs wide apart and up in the air while Carly was on top with his legs also wide apart but spread on the table either side of Annalindy's head. This position allowed us to smack and pinch and twist their childflesh while we fondled and felt them all over. Then we made Carly sit on a big pyrex bowl on the table to do his boy weewee and poopoo. When he'd finished weeing and going plopplop, Annalindy was made to lick and suck her pretty brother's cocklet and bummybot all clean. Annalindy was then made to do her weewee and her girly ploppies into the bowl as well, and Carly was made to lick and suck his gorgeous sister's dirty rude places all clean. Several of us were watching with our faces really close to the children. The bowl was placed on the table where both children were made to sit next to each other on chairs right in front of it. Annalindy was ordered first to take a handful of child plop from the bowl and put it in her mouth where she was made to chew on it before kissing it into her pretty brother's sweet mouth. Then Carly was made to do the same and kiss it into lovely Annalindy's mouth. This went on until all the kiddypoopoo had been eaten. Annalindy and Carly had both been sick while they were eating their pooey plopplops but we'd made sure that they squirted their kiddysick into the bowl where it now floated in their poo-stained little girl and boy urine. Also, while the beautiful childwhores had been eating their poos, many of us had wanked off and shot our filthy spunk into the bowl, gobbed our spit into it, urinated in it, one of us had also been sick into it, and another, an older man, had squirted his diaorhea into it. Finally, two more men oozed their turds into the revolting mixture. Annalindy was given a fork and made to mash up the manshit floating in the stinking liquid and mix it all together. She heaved and spewed her sick again, thankfully right into the bowl. The sweet, crying child was made to mix it all thoroughly. When it had all turned to a thick slurry, she and her cute brother were given a spoon each and ordered to drink all the liquid in the bowl.

Re:Kathleen Malda's Excellent Adventure (0, Funny)

Anonymous Coward | more than 6 years ago | (#20586929)

Dammit, Rob, for the last time: Please fix your bookmarks. We really don't need these updates of yours. Save 'em for your blog.

Block it (5, Informative)

Ragein (901507) | more than 6 years ago | (#20586603)

Block M$ from having an interwebs connection and update from windiz, works even if they decided to ignore your settings.

Why? Re:Block it (4, Insightful)

lecithin (745575) | more than 6 years ago | (#20586677)

Why should you have to?

Re:Why? Re:Block it (3, Funny)

Ragein (901507) | more than 6 years ago | (#20586767)

You should not have to but, In theory theory and practise are the same in practise they are not.

Re:Why? Re:Block it (4, Insightful)

Applekid (993327) | more than 6 years ago | (#20587115)

Why should you have to?
If Microsoft has the ability to forcefully modify code running on your property without your consent, I'd call that a threat.

We have a right (and I'd say responsibility) to protect ourselves from threats.

Resistance is futile! (2, Funny)

CdrGlork (1096607) | more than 6 years ago | (#20586607)

You'll take your nanites, and you'll like them!

Hmm.... (5, Funny)

TechnoBunny (991156) | more than 6 years ago | (#20586613)

...I cant see how anyone on /. would ever object.

Anyone want popcorn?

Can't Win for... (5, Funny)

WED Fan (911325) | more than 6 years ago | (#20587079)

/.er:Windows is insecure, Microsoft is evil.

/.er:Where are my patches?

/.er:You're evil because you patched my system.

MS:O.k., we'll make a system the user can run and patch them system that way.

/.er:You're evil because most lusers won't set it up properly and the net will be taken over by these luser's machines.

MS:O.k, we'll patch the system involuntarily.

/.er:You're evil for patching my system that way.

MS: You've made a career at being happy with whatever prevails, right?

hehehe (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#20587093)

10 years ago, your comment would have been true. Now adays, / is loaded with MS lovers. Some are just the ppl from before. But I suspect that many others are paid to be here.

I expect this from M$ (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#20586615)

What is sad is that I expect this from Microsoft.

Asshats.

Re:I expect this from M$ (4, Insightful)

El Lobo (994537) | more than 6 years ago | (#20586833)

What is really sad is that everybody here blindly trust this "article" without really checking and re-checking other sources. That's the scary thing these days.

Re:I expect this from M$ (0)

Anonymous Coward | more than 6 years ago | (#20586981)

Exactly.

The slashdot crowd are so keen to get their collective panties in a bunch over anything MS might have done that they ignore mere facts.

Also, Joe Wilcox is an asshat of the first water. No journalist he!

Anyhow, as this is slashdot, BURN TEH M$ LOLZ!

Re:I expect this from M$ (1, Insightful)

tgd (2822) | more than 6 years ago | (#20587005)

No, whats really scary is just how common it is for blind-MS hate and Linux fanboi-ism to cause people who should know better to do things like run with Windows Update turned off.

I happen to like the fact that all three OS's I use (Ubuntu, OSX and Windows) patch themselves automatically for critical updates. I don't get butthurt about any of the three keeping themselves updated. (Actually the fact that I can't figure out how to make Ubuntu do it truly automatically is a lingering sticking point I have with using Ubuntu because I have a few systems I just don't log into all that often.)

Re:I expect this from M$ (5, Insightful)

B'Trey (111263) | more than 6 years ago | (#20587185)

That's a fine setting for a home system. It's asking for trouble in a corporate environment, particularly one where you run custom applications or services. If this [com.com] happens on your home computer, it's largely an issue of annoyance and inconvenience. If it happens to large numbers of computers in an enterprise, it may mean losses of millions of dollars. Most enterprises test patches on lab machines to identify issues before they deploy them. MS (or Ubuntu or Apple or whomever) has no business patching anyone's machine without permission. Period.

Re:I expect this from M$ (0)

Anonymous Coward | more than 6 years ago | (#20587047)

My XP SP2 box does not have the versions listed in the article, and the was no related update event listed.
YMMV

and the surprise is? (3, Informative)

rucs_hack (784150) | more than 6 years ago | (#20586623)

That's the proprietary software world for you.

The solution is simple, install Ubuntu.

Re:and the surprise is? (0, Troll)

Drakin020 (980931) | more than 6 years ago | (#20586685)

*sigh* nice troll. 4/10

Re:and the surprise is? (5, Insightful)

rucs_hack (784150) | more than 6 years ago | (#20586747)

*sigh* nice troll. 4/10

Hmm, care to prove me wrong? How many open source projects enforce monitoring or hidden updates about which there is no choice on users?

Ubuntu monitoring (0, Troll)

Anonymous Coward | more than 6 years ago | (#20586789)

Ubuntu installs the package "popularity-contest" by default, which reports every package you're using and how often. That's large scale stealth spying, but it's not proprietary so it should be ok...

Re:Ubuntu monitoring (2, Informative)

rolfc (842110) | more than 6 years ago | (#20586853)

Actually, I got the question if I wanted to install it. Maybe you just klicked by, as usual in windows?

Re: Ubuntu monitoring (5, Informative)

Dolda2000 (759023) | more than 6 years ago | (#20586955)

Ubuntu installs the package "popularity-contest" by default, which reports every package you're using and how often. That's large scale stealth spying, but it's not proprietary so it should be ok...
Yeah, it is installed by default, but during the installation procedure you do get the question of whether you actually want to enable it. It is worth noting that it defaults to "no" if you just click past it.

Re:Ubuntu monitoring (1)

mhall119 (1035984) | more than 6 years ago | (#20587039)

It may be installed by default, but is it running? I seem to remember having to opt-in to have my package use reported back to Canonical.

Re:Ubuntu monitoring (1)

renegadesx (977007) | more than 6 years ago | (#20587087)

Popularity contest is just census information that does not even get activated without your permission.

What is it with these ACT's (Anonymous Coward Trolls)?

Re:and the surprise is? (2, Insightful)

Anonymous Coward | more than 6 years ago | (#20587037)

95% of Windows users won't care.

Nor should they , because it doesn't matter, and here's why:

Windows is an insecure system that is often easily attacked due to a vast pool of ignorant users who are more than willing to attack their own machine so they can run a "neat" screensaver, a large number of poorly developed applications, and the occasional operating system exploit. If you're using Windows for anything truly sensitive, you're not using it right, and switching to anything else won't help you. There's no reason you can't write Linux/BSD/UNIX/Mac viruses and send them to people dumb enough to follow the instructions to install them, just like people do with Windows viruses that are zipped and password protected.

For most Windows users, without the presence of a competent system administrator, a Linux machine will either be unusable, or just as ridiculously insecure as Windows. You cannot code a patch for the interface between the keyboard and the chair.

And, if you're not using it for anything important - I only play computer games on my Windows machine - who gives a crap?

Oh no! Microsoft might steal my Baldur's Gate save file! Aaaaaaaaah!

Perspective: get some.

Re:and the surprise is? (0, Offtopic)

BronsCon (927697) | more than 6 years ago | (#20587109)

the difference is, you're a -1 troll and GP is a +1 troll

Re:and the surprise is? (1, Funny)

Anonymous Coward | more than 6 years ago | (#20586933)

The solution is simple, install NetBSD.

Why is this a troll? (4, Insightful)

HangingChad (677530) | more than 6 years ago | (#20586945)

Those are exactly the kinds of things you agree to with EULA's, and it's not just Microsoft. Software licenses get more bizarre and dickish by the day.

Re:and the surprise is? (1)

tgatliff (311583) | more than 6 years ago | (#20587169)

Proprietary software has its strengths as well.. Meaning, I use Gentoo and Ubuntu everyday, but, in my opinion, OSX is superior in every way to Ubuntu on the desktop side...

My Opinion??... Work with a company you feel you can trust, but certainly always take the approach that good fences make good neighbors... (Meaning, Trust, but Verify) ... As long as Jobs is at the helm at Apple, though, I personally would never worry one bit about this sort of thing happen... He as a person is trust worthy in my opinion...

To see if you are affected under Cygwin (5, Informative)

morgan_greywolf (835522) | more than 6 years ago | (#20586629)

Under cygwin, you can type:

strings /cygdrive/c/windows/system32/wuapi.dll | grep 7\.0\.6

If you get back something like:


7.0.6000.381
7.0.6000.381 (winmain(wmbla).070730-1740)
7.0.6000.381


then Microsoft has secretly updated you.

This reveals MS Secret loves (5, Funny)

Anonymous Coward | more than 6 years ago | (#20586703)

Does wmbla stand for Windows Man Boy Love Association???

Boy I need to spend time away from the interweb

Re:To see if you are affected under Cygwin (1, Informative)

Anonymous Coward | more than 6 years ago | (#20586899)

Or, if under Windows, you can:
right-click on the file,
select properties,
select the Version tab

seems much more intuitive than your cryptic command line

Re:To see if you are affected under Cygwin (1)

BloodyIron (939359) | more than 6 years ago | (#20586921)

Is this assuming you have automatic updates on, or off.
What instances is this effective/useful? (obviously version checking is useful, but how can you avoid treading on your own feet/settings that "SHOULD" be updating?)

And? (4, Interesting)

FoolsGold (1139759) | more than 6 years ago | (#20586643)

I'm pretty sure the EULA states somewhere MS can do this. You agree to it when clicking that little checkbox for accepting the license when installing the damn OS.

Re:And? (1)

Billosaur (927319) | more than 6 years ago | (#20586855)

Of course, if you got XP pre-installed, you may never know about it. I'm pretty sure the average user may be unaware that Microsoft is busy mucking about behind the scenes. That's why I keep my machine switched off when I'm not using it.

Re:And? (1)

ackthpt (218170) | more than 6 years ago | (#20587025)

I'm pretty sure the EULA states somewhere MS can do this. You agree to it when clicking that little checkbox for accepting the license when installing the damn OS.

It's covered under: That's not wrongdoing, a lie by omission of bugs being patched, that's a feature.

What's the IP address? (3, Interesting)

frovingslosh (582462) | more than 6 years ago | (#20586645)

It would be nice to know the IP address that is being contacted here. With that, automatic update could be turned off at the router/firewall. If you trust Microsoft you always get punished.

Re:What's the IP address? (1)

plague3106 (71849) | more than 6 years ago | (#20586793)

This is interesting. Certainly not something they should be doing.

Odd though, we have WSUS here, and everyone automatically gets approved updates. I haven't found a client yet that has the updated files.

Re:What's the IP address? (1)

j00r0m4nc3r (959816) | more than 6 years ago | (#20587081)

I'm sure Bill Gates has some goons who take care of troublemakers like you.

Dear god. (5, Insightful)

Brian Lewis (1011579) | more than 6 years ago | (#20586651)

Is it me or does this just seem down right nasty?

If a person who uses vista or xp did not want any updates to their OS, they turn off Automatic updates. It's their choice. Where does Microsoft get off thinking that something like this is acceptable?

If I ran either of those operating systems, I would probably file a lawsuit, as to me that is a huge invasion of privacy. If they can force you to update those few files, they can absolutely view any and every file on your computer.

Although, this should come as no surprise...

Damages (1)

dreamchaser (49529) | more than 6 years ago | (#20586745)

While I agree with you in priciple, in order to file a lawsuit you have to be able to show some kind of damages. Now, if this update were to fubar your machine you might have standing, otherwise I'm not sure a court would take it.

IANAL though.

Re:Damages (1)

Brian Lewis (1011579) | more than 6 years ago | (#20586827)

Damages can be shown in several ways.

Say, for instance, that I have my XP machine setup just the way I want it. I don't want any other changes as it is perfect, to me, as it is (yes, I know this would never happen with a Microsoft product but still..). By Microsoft coming in and forcing an update, they are damaging my otherwise perfect setup. If one piece of software stops working, can a person not easily blame this on the update they forced on me?

I know it's just a principle, but who knows... debate! :D

Re:Damages (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20586911)

If you certified that PC for use in the current configuration it will have to be recertified now that it has changed, the cost of re-certification should count as damage.

I can't remember - Diebold voting machines don't run on a version of windows do they? :)

Re:Damages (1)

Brian Lewis (1011579) | more than 6 years ago | (#20587023)

If you certified that PC for use in the current configuration it will have to be recertified now that it has changed, the cost of re-certification should count as damage.

I can't remember - Diebold voting machines don't run on a version of windows do they? :)
Damn, I can't believe I even forgot about certification. That would definitely cost a bit. I'm sure you could also count your hourly rate in re-testing everything to make sure it works and make sure the recertification would happen.

Also, how about some emotional distress? We all know that all SA's cry when stuff is changed/broken while they took that quick nap.

Re:Dear god. (3, Insightful)

The Cisco Kid (31490) | more than 6 years ago | (#20586787)

No, its not their choice. Once you choose Microsoft, their terms allow them to choose anything and everything else that Bill Gates & company want to chose for you.

The only choice is to either use Microsoft products, or not to. One leaves someone else in control of your system, another retains control for you.

Anyone who is shocked or surprised by this just hasnt been paying attention for the last ten years or so.

Re:Dear god. (1)

LordLucless (582312) | more than 6 years ago | (#20586925)

Except that in many (most?) jurisdictions, their terms aren't legally enforceable. I know where I am, click-through EULAs are not valid - you need to able to read them before you purchase the software for them to be binding.

Why are you whining? (2, Insightful)

The Cisco Kid (31490) | more than 6 years ago | (#20586657)

You chose to use proprietary software from a company that uses its control to illegally maintain a monopoly. You really think they are going to be bothered to care wether you give permission to update that software any damn time they want, for whatever reason they want? (And/or, a company that produces shoddy unstable 'oh look its shiny' software for nincompoops and that they are competent enough to actually be able to keep track properly)

There is no halfway. Eiher you give control of your system to Microsoft, or you dont (by not running *ANY* Microsoft software). If you have a problem with the agreement that you choose to let MS impose on you, take it up with MS (or their local sychophants, or your attorney). Why annoy people who dont care?

Re:Why are you whining? (2, Interesting)

Gilatrout (694977) | more than 6 years ago | (#20586805)

I've always asserted that an OS is by its very nature an natural monopoly. This is not to excuse the behavior of entities which use a natural monopoly to nefarious ends. For what it's worth, I prefer the Windows monopoly to say Apple's (not that I dont covet a Mac mind you) monopolistic actions with regard to thier OS, in particular the iPhone.

WGA is coming to get you (3, Insightful)

rucs_hack (784150) | more than 6 years ago | (#20586665)

I'd give it six months and this will be used to enforce install of WGA on every windows machine.

Re:WGA is coming to get you (0)

Anonymous Coward | more than 6 years ago | (#20586883)

Actually they've already stopped pushing it as a "Critical Update" in Automatic Updates on XP.

-C

That's the last thing you want! (2, Interesting)

BadAnalogyGuy (945258) | more than 6 years ago | (#20586675)

Why would you want to run an unpatched XP box?

Re:That's the last thing you want! (4, Informative)

musikit (716987) | more than 6 years ago | (#20586705)

because a large majority of people dont patch windows and i need to test my software with the least common demoninator to ensure it works on all systems

Re:That's the last thing you want! (3, Interesting)

Pojut (1027544) | more than 6 years ago | (#20586799)

OK, so have a "test box". I myself have one. Guess what cable never get's plugged into it? That's right, the ethernet cable. If I'm doing something that requires the use of my in-house LAN, guess what gets unplugged....that's right, my connection to the outside world.

It's not that difficult really...I find that having an isolated not-connected (not even to my internal network) windows 98 box is FANTASTIC for my older games...fuck DosBox, I'll just build a 200 dollar killer Win98 box.

Re:That's the last thing you want! (2, Interesting)

Hachima (718971) | more than 6 years ago | (#20586849)

Does this mean you should also install every toolbar/spyware known to man as part of your development process? To ensure it works on all systems? Patched or unpatched, you are missing out on huge target audiences in either case.

Re:That's the last thing you want! (0)

Anonymous Coward | more than 6 years ago | (#20586879)

Usually it's either:
A) You're running an illegitimate copy, i.e., you can't get updates anyway, so why bother having the service run at all?
or
B) Because you've been burned by patches gone awry before, and as such you disabled windows update for a damn good reason -- to prevent things such as your livelihood going down the drain when the next poorly vetted patch comes along.

Assuming this is their next move to force all Windows boxen to run WGA... I know a lot of people who fall into both categories. Trust me, the amount Microsoft stands to lose from pissed off businesses which change vendors far exceeds the amount they could possibly gain from home users.

Re:That's the last thing you want! (-1, Troll)

dkarma (985926) | more than 6 years ago | (#20586935)

Why would you want to run a patched xp box???? It's not like it's more secure...the xp security is like swiss cheeze and many of their updates have been known to BSOD, crash computers, corrupt data or worse. WHY ON EARTH WOULD YOU TRUST MICROSOFT?!?!?!

Re:That's the last thing you want! (1)

dashslotter (1093743) | more than 6 years ago | (#20586969)

Or perhaps you have delivered some sort of dedicated machine that is contractually bound to be in a constant configuration, or at least require human review before applying configuration changes (medical, military). It is not up to MS to decide that no such machines exist with access to the web.

Re:That's the last thing you want! (1)

SmokeyTheBalrog (996551) | more than 6 years ago | (#20586977)

If you have an illegal copy of windows. The patches will NOT protect/secure you from virus/attacks/etc, BUT will allow MS to kill your machine.

What level of 'disabled' (5, Interesting)

quantum bit (225091) | more than 6 years ago | (#20586679)

I wonder if this still happens even if you have set the Automatic Updates service to 'Disabled' in services, rather than using the control panel applet which tells it not to update but still leaves the service running.

Probably a good idea to disable the BITS service too.

Re:What level of 'disabled' (2, Insightful)

ILuvRamen (1026668) | more than 6 years ago | (#20586781)

In my experience, if you turn BITS off you can't run Windows Update even if you wanted to. Even if you re-enable it, it doesn't work until you restart the computer once.

Re:What level of 'disabled' (3, Interesting)

dc29A (636871) | more than 6 years ago | (#20586909)

I tried something like that with WMI when MOM agent (or was it SMS agent, can't recall) was eating up way too much CPU. I disabled WMI service. Reboot the machine, to my shock, WMI service was started despite being disabled. If MOM or SMS can do that, I am sure Windows Update could force start BITS even if it's disabled.

If they can push... (4, Insightful)

loki.jf (1156263) | more than 6 years ago | (#20586695)

Can they pull? Interesting question to ask I think.

Re:If they can push... (1)

Gilatrout (694977) | more than 6 years ago | (#20586709)

After another silent update, sure.

Re:If they can push... (1)

plague3106 (71849) | more than 6 years ago | (#20586851)

Its not a push anyway, I'd think. Most likely the clients pull the update for WU automatically. I'd think that disabling the Automatic update service would stop this.

Really odd is that we have AU set to on for us, and we haven't gotten any updates..

Re:If they can push... (1)

Svartalf (2997) | more than 6 years ago | (#20587021)

You probably already GOT them.

They've *always* had the ability to pull.... (3, Interesting)

Anonymous Coward | more than 6 years ago | (#20586895)

...since Windows 95 even. It's part of the remote registry background process that facilitates the ability to read data from any file in the filesystem, not just only the registry files.

Why does no one every read the license (4, Insightful)

skyggen (888902) | more than 6 years ago | (#20586701)

license? Do you own your copy of windows? No. You are only licensed to use it under their terms. Do you own M$ Office? No. You are only licensed to use it. If Microsoft wants to change their files on your computer they can. Also read carefully because some licenses of Microsoft actually claim that were you to so much as add any hardware you no longer are licensed and your windows copy will be in validated. I use linux, I don't have these problems. It has never been that Linux was a superior operating system. I mean for the longest time I had to deal with so much shit to to listen to an mp3. BUT the one thing about Linux is Your copy is Your copy to share and to see everythijg it does. Using linux was the first time I could take my Foil Hat off in years.

Re:Why does no one every read the license (3, Insightful)

tgd (2822) | more than 6 years ago | (#20586753)

Wrong, your copy of Linux is no more yours than your copy of Windows. Both are copyrighted works owned by others which you have a limited license to use. In the case of Linux that license grants a few more (limited) rights than Windows does, but its entirely inaccurate to claim that you own your Linux copy.

Re:Why does no one every read the license (1)

fabs64 (657132) | more than 6 years ago | (#20586983)

You are correct, but it's more than "a few more", as you can do whatever the hell you like with your copy of GPL software other than redistribute it.

Only when doing that do any restrictions kick in.

Re:Why does no one every read the license (1)

tgd (2822) | more than 6 years ago | (#20587097)

Correct, but his copy of "Linux" is not entirely GPL software -- there are a lot of licenses and significantly there are a lot of trademarks in there.

Redistribution is not the only set of limitations. Generally all rights are reserved to the copyright owner except those explicitly granted. GPL explicitly grants rights, it does not explicitly restrict rights around distribution. It may effectively do so, but the GPL (like any license of copyrighted material) is a list of rights granted.

Re:Why does no one every read the license (2, Informative)

Anonymous Coward | more than 6 years ago | (#20587163)

its entirely inaccurate to claim that you own your Linux copy.

Firstly, copyright is not ownership. If you buy a copy of software, you own that copy.

Secondly, you don't need a license to install and use software. Copyright does not cover copying that is necessary in order to use software.

Thirdly, you do not have to agree to the terms of the GPL in order to use GPLed software. You already have the right to use it. The GPL grants you the right to distribute copies to others.

There's so many people out there just wildly assuming what the law is or going on hearsay. Read the fucking law and the licenses before spouting off with your uninformed opinion please.

Re:Why does no one every read the license (-1, Troll)

Mr. Underbridge (666784) | more than 6 years ago | (#20586843)

Beautifully trolled sir, I commend you.

Which begs the question... (5, Insightful)

pieaholicx (1148705) | more than 6 years ago | (#20586721)

Does this mean that somewhere hidden deep in the API is the ability to automatically download and install files without user consent? Does this mean that somebody else could use that exact API to do something a bit less friendly? Does anybody else feel a whole new batch of windows security alerts?

Re:Which begs the question... (1)

interiot (50685) | more than 6 years ago | (#20587181)

Windows Update files are signed by Microsoft, so a potential hacker would have to first steal the private key from Microsoft before they could send out malicious updates.

Is it only happening to XP and Vista? (5, Informative)

Mark_in_Brazil (537925) | more than 6 years ago | (#20586735)

TFAs only mention XP and Vista, but I have Windows 2000 (it will be the last Windows I ever own, and I'm just keeping it running until my end-of-year trip to the USA, when I'll buy a Macbook) and was surprised when I woke up one day this week (either the 11th or 12th of September) and found my computer showing the "got restarted and waiting for somebody to log in" screen. Before I had a UPS, that happened now and then, but since getting a UPS, that shouldn't happen unless we get a major power failure that lasts longer than the several minutes my UPS's battery gives me. That hasn't happened since I got my UPS, and I noticed that other things around the house showed no signs of power loss, despite my computer having been restarted.
When I logged in, Windows Update informed me that it had installed updates. That's hard to understand, since I've had Windows Update configured for a long time now to ask me before installing anything. When I saw the item on /., I thought I might have discovered what happens, but TFAs only talk about XP and Vista.

So was what happened to my computer (running Win2K) the same thing? Did others with old versions of Windows have the same experience?

Re:Is it only happening to XP and Vista? (1)

Svartalf (2997) | more than 6 years ago | (#20586953)

There's a thread above you that mentions some of how to possibly check for changes.

I suspect any of the updating OSes that they're "supporting" got updates.

No statement from M$? (5, Insightful)

Sqweegee (968985) | more than 6 years ago | (#20586771)

I'm really surprised that they think so little of us that they didn't at least bother to write up a canned statement about the update. Didn't they expect anyone to notice the patching? Many people take others messing with their PCs very seriously, be it micro$oft or some script kiddie out there, and track this kind of thing constantly.

Any word on what the purpose of the patching is?

Re:No statement from M$? (1)

Svartalf (2997) | more than 6 years ago | (#20587083)

Why would you think there'd be ANY statement from them- owning up to something
like this is very bad for their position at this point in time.

Re:No statement from M$? (2, Interesting)

canipeal (1063334) | more than 6 years ago | (#20587149)

I'm not a Microsoft fanboy by any means, but has anyone considered the possibility that the forced update could be due to a unknown critical exploit in WU?

Re:No statement from M$? (1)

pieaholicx (1148705) | more than 6 years ago | (#20587175)

Isn't the ability to push these updates silently a critical flaw that could be exploited? Patch one hole through another hole?

Not so evil... (0)

Anonymous Coward | more than 6 years ago | (#20586801)

Now if only we can get Microsoft to patch up all those virus riden spam bots and clear up the net for once and for all.

Reduced functionality? (0)

Anonymous Coward | more than 6 years ago | (#20586811)

Since Microsoft is worried about Vista sales, they shouldn't be improving XP -- and I don't know why they would do that secretly. So, I wonder if this patch is supposed to reduce XP functionality.

Unfortunatelly, if MS is caught doing that, they can always claim "ops, it was just another bug". Nobody will notice.

Re:Reduced functionality? (2, Interesting)

berashith (222128) | more than 6 years ago | (#20587011)

I would guess the WGA is updated, and an ability to stop pirated copies of old OS is in the works. Good way to sell more copies of Vista when the problem is that people are holding on to their old OS. Turn off the old one, they gota buy something.

omg hackers (5, Interesting)

deftcoder (1090261) | more than 6 years ago | (#20586819)

Why hasn't someone diff'd the files that were updated and dived into the disassembly and checked to see what was actually changed?

Would be more informative than bitching about it...

Botnet (0)

Anonymous Coward | more than 6 years ago | (#20586873)

Anyone interested in creating a supercomputer (read "computer-mafia" botnet) consisting of roughly 90-95% personal computers connected to the internet? I wonder why this wasn't already discovered by virus programmers, software that install without user interaction automatically.

Impact to business admins and users? (0)

Anonymous Coward | more than 6 years ago | (#20586937)

I don't manage any of our desktops, laptops, or Windows "servers" here at work, but I would expect that this would have some impact on our ability to manage the images we have distributed to these systems if this happened even. We disable the automatic updates service, but I'm not everyone does this.

There are three ways to prevent this (1)

Big Nothing (229456) | more than 6 years ago | (#20586949)

There are three alternatives you can use if you want to prevent this:
1. Yank the network cord
2. Yank the power cord
3. Install some *BSD (or even Linux will suffice)

Re:There are three ways to prevent this (1)

ettlz (639203) | more than 6 years ago | (#20587065)

3. Install some *BSD (or even Linux will suffice)
Yeah, cause there's no bloody way anyone could possibly miss portupdate -a suddenly kicking off.

A no Win Situation (no Pun intended) (2, Interesting)

Zephida (1016417) | more than 6 years ago | (#20586951)

Scenario (A) Lazy Windows users, don't update there Windows to the latest Patches, said computers become infected with spyware/bots/trojans, everybody blames Micro$oft for having shoddy insecure software Scenario (B) Windows ensures than users always have the latest update & security measures by forcing updates on users, and everybodys blames Micro$oft for invading thier privacy Simple I know - but I can't really see what else is expected of Micro$oft? They lose either way.

Re:A no Win Situation (no Pun intended) (0)

Anonymous Coward | more than 6 years ago | (#20587103)

I guess their choice has to depend on which group is bigger: Lazy users with unsecured computers or techies that will complain about "privacy". I'd say the former outnumbers the latter by an order of magnitude or two, and as such MS made a logical choice.

Well that is it... (1)

tgatliff (311583) | more than 6 years ago | (#20586961)

Port blocking it is.... Nothing ticks me off more than someone "thinking" that they know what is better for me than I do.... I dont care who it is.. If Apple did something like this I would be just as pissed!!! In fact, M$ is giving me even more reasons why I love OSS...

It's just the DOS 5.0 update push... (2, Funny)

capnkr (1153623) | more than 6 years ago | (#20587007)

...as seen yesterday in that hot video. :/

-----------

Informal poll: Raise your hand if you are surprised that microSoft did/does sneaky updates like this.

What? Noone? Noone at all???

It's expected, by now, and accepted. Sadly.

Same old, same old -and one of the many reasons I've been mS-Free for 8 years...

You granted permission (1)

nurb432 (527695) | more than 6 years ago | (#20587027)

When you agreed to the EULA.

Your recourse if you don't agree is to stop using the software.

Re:You granted permission (1)

tomstdenis (446163) | more than 6 years ago | (#20587179)

EULAs are notoriously unenforceable in court. Mostly because they're not present at the time of purchase. You can't tact on agreement requirements after the purchase has been made.

Otherwise, what's to stop your landlord or bank from demanding more money after you sign a lease/mortgage? Or your car dealer from telling you your car is worth $10k more now and they've upped your car payments?

exploit (0)

Anonymous Coward | more than 6 years ago | (#20587049)

If that update mechanism has a bug or something exploitable...
wow, that would enable some software to get a hold of the full installation base of windows xp..

The scariest part. (0)

Anonymous Coward | more than 6 years ago | (#20587055)

If Microsoft can do it... then ANYONE can. That's the nice thing about back doors into software, especially one that lets you fundamentally change how Windows looks for new files.

Policy violation (5, Interesting)

NullProg (70833) | more than 6 years ago | (#20587077)

Doesn't this violate every corporate network policy on the planet? What about the defense department?
What if the one of the computers was monitoring a critical system and the stealth upgrade crashed the system?

Isn't this a violation of Sarbanes-Oxley computer auditing requirements?

Food for thought.
Enjoy,

Automatic Updates Service (1)

Crock23A (1124275) | more than 6 years ago | (#20587095)

If the Automatic Updates service is disabled, you can't manually update Windows through the web site. This may be intentional on the part of Microsoft so they can initiate these back-door updates whenever they see fit. This also forces one to conclude that disabling automatic updates through the control panel does nothing.

In corporate America Microsoft Windows updates You (2, Funny)

zygoon (809512) | more than 6 years ago | (#20587107)

(this may become obligatory comment sooner than you expect)

Hold on... (1)

Phil246 (803464) | more than 6 years ago | (#20587155)

XP SP1?
Why havent these people upgraded to SP2 in the first place?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...