
Microsoft Pushes Updates without Permission

Whose PC is it anyway? Microsoft seems to think it can go in and touch up a few things in the operating system now and then without bothering to ask permission. Information Week is reporting that Windows XP and Vista can be secretly updated:

Over the last few weeks, without user approval, Windows Update has updated nine small executable files in both Windows XP and Windows Vista. "I did not download this and my Windows Update is still not set to automatic," a poster named Engle wrote on a Microsoft discussion board. "This has got me really puzzled." Both eWeek Labs and Windows Secrets report that they have confirmed cases of Windows Update downloading and installing an update without permission.

This is almost too hard to believe for two reasons.

First, Sony was hammered for their little copy protection misstep when their music CDs installed a rootkit without notifying users. And then there was the Sony USB rootkit discovered recently. Did someone at Microsoft not get the memo on this one? We don't tamper with other people's systems, period.

The second problem is the obvious concern that hackers will exploit this stealth installation function to distribute malware. Some notes on Schneier on Security point out that Microsoft digitally signs its downloads, so in theory no one else should be able to push code through this mechanism.

For me, the biggest problem is the arrogance in thinking you can push patches without telling a customer. How many IT pros have lost days, if not more time, pulling patches that broke some critical application? It's hard enough to diagnose problems when users think "but nothing has changed"; the least we can do is not change things without their knowledge.


Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net