Slashdot Mirror
Microsoft Installs New Software Without Permission
Futurepower(R) writes "Even though I have Automatic Updates turned off, on August 28, 2007, between 3:49 and 3:51 AM PDT, Microsoft installed new files on my Windows XP computer." Nine files are updated on Vista and on XP SP1, a different set of on each, relating to Windows Update itself. Microsoft-watch.com's Joe Wilcox and ZDnet's Adrian Kingsley-Hughes confirm the stealth update.
Block M$ from having an interwebs connection and update from windiz, works even if they decided to ignore your settings.
They fitted George Orwell's coffin with rollers so he could turn over more easily years ago.
...I cant see how anyone on /. would ever object.
Anyone want popcorn?
That's the proprietary software world for you.
The solution is simple, install Ubuntu.
Under cygwin, you can type:
/cygdrive/c/windows/system32/wuapi.dll | grep 7\.0\.6
strings
If you get back something like:
7.0.6000.381
7.0.6000.381 (winmain(wmbla).070730-1740)
7.0.6000.381
then Microsoft has secretly updated you.
My blog
I'm pretty sure the EULA states somewhere MS can do this. You agree to it when clicking that little checkbox for accepting the license when installing the damn OS.
It would be nice to know the IP address that is being contacted here. With that, automatic update could be turned off at the router/firewall. If you trust Microsoft you always get punished.
I'm an American. I love this country and the freedoms that we used to have.
Is it me or does this just seem down right nasty?
If a person who uses vista or xp did not want any updates to their OS, they turn off Automatic updates. It's their choice. Where does Microsoft get off thinking that something like this is acceptable?
If I ran either of those operating systems, I would probably file a lawsuit, as to me that is a huge invasion of privacy. If they can force you to update those few files, they can absolutely view any and every file on your computer.
Although, this should come as no surprise...
You chose to use proprietary software from a company that uses its control to illegally maintain a monopoly. You really think they are going to be bothered to care wether you give permission to update that software any damn time they want, for whatever reason they want? (And/or, a company that produces shoddy unstable 'oh look its shiny' software for nincompoops and that they are competent enough to actually be able to keep track properly)
There is no halfway. Eiher you give control of your system to Microsoft, or you dont (by not running *ANY* Microsoft software). If you have a problem with the agreement that you choose to let MS impose on you, take it up with MS (or their local sychophants, or your attorney). Why annoy people who dont care?
I'd give it six months and this will be used to enforce install of WGA on every windows machine.
Why would you want to run an unpatched XP box?
Why should you have to?
It could be worse, it could be Monday.
I wonder if this still happens even if you have set the Automatic Updates service to 'Disabled' in services, rather than using the control panel applet which tells it not to update but still leaves the service running.
Probably a good idea to disable the BITS service too.
Can they pull? Interesting question to ask I think.
license? Do you own your copy of windows? No. You are only licensed to use it under their terms. Do you own M$ Office? No. You are only licensed to use it. If Microsoft wants to change their files on your computer they can. Also read carefully because some licenses of Microsoft actually claim that were you to so much as add any hardware you no longer are licensed and your windows copy will be in validated. I use linux, I don't have these problems. It has never been that Linux was a superior operating system. I mean for the longest time I had to deal with so much shit to to listen to an mp3. BUT the one thing about Linux is Your copy is Your copy to share and to see everythijg it does. Using linux was the first time I could take my Foil Hat off in years.
Does wmbla stand for Windows Man Boy Love Association???
Boy I need to spend time away from the interweb
Does this mean that somewhere hidden deep in the API is the ability to automatically download and install files without user consent? Does this mean that somebody else could use that exact API to do something a bit less friendly? Does anybody else feel a whole new batch of windows security alerts?
http://blog.heavensdomain.net
TFAs only mention XP and Vista, but I have Windows 2000 (it will be the last Windows I ever own, and I'm just keeping it running until my end-of-year trip to the USA, when I'll buy a Macbook) and was surprised when I woke up one day this week (either the 11th or 12th of September) and found my computer showing the "got restarted and waiting for somebody to log in" screen. Before I had a UPS, that happened now and then, but since getting a UPS, that shouldn't happen unless we get a major power failure that lasts longer than the several minutes my UPS's battery gives me. That hasn't happened since I got my UPS, and I noticed that other things around the house showed no signs of power loss, despite my computer having been restarted. /., I thought I might have discovered what happens, but TFAs only talk about XP and Vista.
When I logged in, Windows Update informed me that it had installed updates. That's hard to understand, since I've had Windows Update configured for a long time now to ask me before installing anything. When I saw the item on
So was what happened to my computer (running Win2K) the same thing? Did others with old versions of Windows have the same experience?
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
I'm really surprised that they think so little of us that they didn't at least bother to write up a canned statement about the update. Didn't they expect anyone to notice the patching? Many people take others messing with their PCs very seriously, be it micro$oft or some script kiddie out there, and track this kind of thing constantly.
Any word on what the purpose of the patching is?
Why hasn't someone diff'd the files that were updated and dived into the disassembly and checked to see what was actually changed?
Would be more informative than bitching about it...
Peace sells, but who's buying?
What is really sad is that everybody here blindly trust this "article" without really checking and re-checking other sources. That's the scary thing these days.
It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
Actually, I got the question if I wanted to install it. Maybe you just klicked by, as usual in windows?
...since Windows 95 even. It's part of the remote registry background process that facilitates the ability to read data from any file in the filesystem, not just only the registry files.
Those are exactly the kinds of things you agree to with EULA's, and it's not just Microsoft. Software licenses get more bizarre and dickish by the day.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Scenario (A) Lazy Windows users, don't update there Windows to the latest Patches, said computers become infected with spyware/bots/trojans, everybody blames Micro$oft for having shoddy insecure software Scenario (B) Windows ensures than users always have the latest update & security measures by forcing updates on users, and everybodys blames Micro$oft for invading thier privacy Simple I know - but I can't really see what else is expected of Micro$oft? They lose either way.
...as seen yesterday in that hot video. :/
-----------
Informal poll: Raise your hand if you are surprised that microSoft did/does sneaky updates like this.
What? Noone? Noone at all???
It's expected, by now, and accepted. Sadly.
Same old, same old -and one of the many reasons I've been mS-Free for 8 years...
"...there are some things that can beat smartness and foresight. Awkwardness and stupidity can." ~ Mark Twain
I would guess the WGA is updated, and an ability to stop pirated copies of old OS is in the works. Good way to sell more copies of Vista when the problem is that people are holding on to their old OS. Turn off the old one, they gota buy something.
Doesn't this violate every corporate network policy on the planet? What about the defense department?
What if the one of the computers was monitoring a critical system and the stealth upgrade crashed the system?
Isn't this a violation of Sarbanes-Oxley computer auditing requirements?
Food for thought.
Enjoy,
It's just the normal noises in here.
/.er:Windows is insecure, Microsoft is evil.
/.er:Where are my patches?
/.er:You're evil because you patched my system.
MS:O.k., we'll make a system the user can run and patch them system that way.
/.er:You're evil because most lusers won't set it up properly and the net will be taken over by these luser's machines.
MS:O.k, we'll patch the system involuntarily.
/.er:You're evil for patching my system that way.
MS: You've made a career at being happy with whatever prevails, right?
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
(this may become obligatory comment sooner than you expect)
That's a fine setting for a home system. It's asking for trouble in a corporate environment, particularly one where you run custom applications or services. If this happens on your home computer, it's largely an issue of annoyance and inconvenience. If it happens to large numbers of computers in an enterprise, it may mean losses of millions of dollars. Most enterprises test patches on lab machines to identify issues before they deploy them. MS (or Ubuntu or Apple or whomever) has no business patching anyone's machine without permission. Period.
"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.
No, whats really scary is just how common it is for blind-MS hate and Linux fanboi-ism to cause people who should know better to do things like run with Windows Update turned off.
Many companies will not install patches - even the automatic Windows Update ones - until they have a chance to test it themselves and make sire that the patch doesn't inadvertently break mission critical applications.
Sometimes, even with known issues, the devil you know is better than the devil you don't...
I happen to like the fact that all three OS's I use (Ubuntu, OSX and Windows) patch themselves automatically for critical updates. I don't get butthurt about any of the three keeping themselves updated.
Wait until you get a call at 4:30 AM from an irate boss complaining that [Killer App A] is no longer working because a patch overwrote a DLL and it's now *your* problem.
If Automatic Update works for you - that's great for you. But for a lot of companies, automatic updates is like playing Russian roulette with a Glock 9mm...
Why not have a cron job that does apt-get update && apt-get -y upgrade?
I patch the boxes myself. I do it regularly. I CAN NOT have Microsoft patch them automatically because I run long duration tests that CAN NOT be interrupted by an update or a reboot.
This was definitely without my permission, and raises the question about who has control over my computer, me or Microsoft. If Microsoft can put files on my computer without my knowledge, then it is really Microsoft's computer, which is control that I find extremely objectionable.
http://en.wikipedia.org/wiki/Begging_the_question
Please read.
The only thing that Automatic Updates, updates is itself, the AU service can be disabled, and this doesn't apply to computers running under WSUS (read: every corporate network machine, so only applies to home computers).
So it's not brilliant of MS to do this, but not the end of the world either.
Ok ok! There's no excuse, you're right.
throw new NoSignatureException();
I'd really like to know the purpose.
If it were anyone but MS, I'd assume it was a countermove to Storm or some other large botnet (you don't think Storm's the only one, do you?) which disables or subverts the usual automatic update process.
Knowing this is from MS, I wouldn't be surprised if it's WGA or some DRM crap.
Assorted stuff I do sometimes: Lemuria.org
As far as i am concerned, you need to have administrative privileges to alter those files. That means - MS does have them. So they have access to all data on affected (or should I say infected) PC. Now that's something authorities have to be VERY worried about. If they can use this loophole - someone else can act the same way. So much for privacy...
Ahh, what a pleasure it is to run emerge -uDN world. Updates only when YOU decide to do them. Ultimate freedom if you wish.
This freedom clearly overcomes all artificial difficulties with Linux. By "artificial" i mean hardware providers who don't provide drivers/specs and stupid patent regulations that require you to manually install additional codecs in order to play mp3/dvd. Linux IS a superior system because both problems have nothing to do with the system itself.
On a more personal level, I dislike most Microsoft products (with certain notable exceptions), because I think they have a corporate culture that promotes mediocrity and "good enough"-ness. As someone who has always labored to pursue quality and technical correctness as an end in itself, I find the inherent laziness in their products offensive. I understand this is a personal decision; looking at other product arenas, the mass market is usually filled with garbage. This is fine, and consumers should have a choice as to what they want to buy. However, I detest Microsoft for virtually eliminating the consumer's ability to buy better.
Also, they have an apparent contempt for both their competitors, which is understandable if unwarranted, and their customers, which is unacceptable.
I don't hate Microsoft for being on top. I hate them for being on top, while pushing an inferior product than the market would produce in their absence, on all of us.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
the article says that computers configured to update via WSUS were not affected. I can confirm that my computer wasn't updated. Most companies that pay attention to their updates probably use WSUS to manage them.
-- "Freedom is the right of all sentient beings" -Optimus Prime
Exactly what I was going to say. Any larger organization worth its salt is using a standard image on their PCs. Changes to that image have to be properly vetted through a change control process. For Microsoft to make changes with AutoUpdate turned off is, quite simply, wrong.
It sounds from TFA that Automatic Updates wasn't completely disabled, but probably set to 'notify me when new updates are available but don't download or install them'. In that case the service is still running and periodically phoning home to get the list of updates.
Presumably there's some sort of flag that can be set on an update which overrides the user's settings and installs it anyway. Reading the other comment from the article's author it sounds like there WERE entries in the event log about its installation, which would seem to indicate that it's a relatively "normal" update with a special flag set (or possibly a bug in WUAU), rather than some super-secret backdoor.
It's still inexcusable for them to have even put in that ability in the first place, much less be using it.
Blind MS hate? Bitter experience, more likely.
"I've got more toys than Teruhisa Kitahara."
Microsoft did it.
-
=D
I can recall their updater running without my say so a few times now. So I figure my still running Windows is implicit consent. And frankly as someone "technical" yes it seems offensive, but if you consider Microsofts position when faced with a potential security melt-down all over the news vs. a little whining on /. it seems like an easy thing for them to do. And it wouldn't surprise me if their updater was remotely exploitable. Actually it would surprise me if it wasn't.
-- http://thegirlorthecar.com funny dating game for guys
None of them have the indicated "stealth" updates.
The only computer that has the "7.0.6000.381" versions is a laptop that I explicitly updated last night (before reading about this issue.) Both the Win XP Home and Win XP Pro partitions have the newer wu* files... the ubuntu partition does not ;-)
Do you have that ugly Windows Security Alerts shield in your system tray? Mine is turned off. Maybe the wscntfy.exe program gets some updates for the update program... and I don't have that running.
At the end of the day, I suspect there is a way to prevent "stealth updates", and it won't be anything sinister, just average programming at work.
This issue is a bit more complicated than you think.
You are completely wrong. You don't have to agree to any license to use linux at all. You can do whatever you want with it within the bounds of copyright law without agreeing to anything at all. The only time the license applies is when you want to do something copyright law prohibits. That's COMPLETELY unlike the windows licensing situation.
It is completely accurate to say that your copy of linux is completely yours. So is your copy of windows for that matter, it is just a question of wether or not the creators of the software acknowledge it and try to restrict your usage later with extra license terms you are promted to agree to at install time.
From microsofts own webiste.
List of know applications that service pack 2 broke
Untest updates are always bad for business.
OL Toolbar 1.13.2 AOL 32-bit and 64-bit (NX) http://www.aol.com/ The Information Bar blocks access to the tool's edit boxes.
PhotoShop CS 8.0 Adobe 64-bit (NX) http://www.adobe.com/products/photoshop/main.html Program installs, but will not start.
BlackICE 3.6 crj Internet Security Systems 64-bit (NX) http://www.iss.net/ When you use this program, you may receive a Stop error that causes the program to quit.
BootSkin All Stardock 32-bit and 64-bit (NX) http://www.stardock.com/ When you restart your computer during the Windows XP SP2 Setup program, a Stop error occurs. For more information, see the following Microsoft Knowledge Base article: http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;873159.
Command Antivirus 4.9 Authentium 32-bit and 64-bit (NX) http://www.authentium.com/ This program does not start.
Encyclopedia Britannica 2000 Deluxe 1 Encyclopedia Britannica 32-bit and 64-bit (NX) http://www.britannica.com/ Java rendering does not function after you install this program.
eTrust EZ Armor 1 Computer Associates 64-bit (NX) http://www.ca.com/ The EZ Firewall part of this program generates a Stop error during installation.
Freedom Force 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ When you start the program, a message appears that points you to the following EA Web site: http://techsupport.ea.com./
Kaspersky Anti-Virus (German) 4.5 and 5.0 Kaspersky Labs 64-bit (NX) http://www.kaspersky.com/ Real-Time scanning does not work in version 4.5 or 5.0. The vendor's Web site has available product updates that are designed to address this issue.
Live Motion 1 Adobe 32-bit and 64-bit (NX) http://www.adobe.com/ This program displays various errors that prevent typical operation.
MapSend DirectRoute 1.0 Magellan 32-bit and 64-bit (NX) http://www.magellangps.com/ When you start the program, a message appears that points you to the following Web site: http://www.magellangps.com/en/support.
MPEGcraft DVD All Canopus 32-bit and 64-bit (NX) When you try to save an MPEG file, you receive a "Failed to Edit" error, and the file cannot be saved.
NBA LIVE 2000 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ This program does not start in certain systems.
NOD32 for Microsoft Windows 2.000.11 Eset 64-bit (NX) http://www.eset.com/ When this program is started on an AMD64-based computer, all network connectivity is lost. To resolve this issue, upgrade to NOD32 version 2.12.2 or higher.
Norman Personal Firewall 1.4 Norman 32-bit and 64-bit (NX) http://www.norman.com/ Norman Personal Firewall Assistant will not start.
Norman Personal Firewall 1.4 Norman 64-bit (NX) After this program installs and restarts, the desktop does not load correctly
Norton AntiVirus 2003 Symantec 32-bit and 64-bit (NX) http://www.symantec.com/ At system startup, Scheduled Tasks in Norton AntiVir
You linked to twitter's journal, eh?
Indeed, I did and I'd like to thank all of you Assholes Cowards for pointing it out to me. I ordinarily ignore your posts and don't pay much attention to user names. Your "ERRIS is the TWITTER" nonsense finally enticed me to look and I like what I found. Please keep advertising twitter.
Non free software is a vital part of any government's attack on people's liberty. Besides the direct attack on software freedom, non free software is used to keep tabs on citizens and censor their news. Even when it's not directly abused as it is in China, non free software is insecure and presents an unacceptable treat to the free internet and every form of free communication. Twitter points these things out and I'll continue to link to him and others where appropriate.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Ho-ho-hold on, hold on one second. This installation has a substantial dollar value attached to it.
Where we have strong emotions, we're liable to fool ourselves. -- Carl Sagan Sh!fty
Sorry for replying to my own post, but further reading suggests this isn't nearly as bad as TFSummary makes out. If you follow the links to the stories on the other sites, and read the comments and links given there, a lot of people are suggesting that this is only updating Windows Update files when you visit the Windows Update site, and not in fact a push of arbitrary changes at all. There's so much hype and FUD flying around this discussion that it's hard to see the wood for the trees.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
But of course, in order to use software it needs to be copied into RAM. This is the historical legal justification for software EULAs. You can't put a EULA on a lawnmower to tell people what lawns they can mow with it; the doctrine of First Sale prevents that. You can't put a license on a DVD or CD telling people how they may use it, either; only how they may copy it. It's only that particular quirk of software that to use it you must copy it which supposedly makes EULAs valid, and AFAIK (though IANAL) that theory has been invalidated on the grounds that copying from disk to RAM inside your own computer for the purposes of software is fair use and necessary for the product to be merchantable as advertised.
So fuck EULAs. Your computer is your property and if Microsoft does anything to it against your wishes they should be held criminally liable.
-Forrest Cameranesi, Geek of all Trades
"I am Sam. Sam I am. I do not like trolls, flames, or spam."
While reading TFA, something in TFA caught my attention, here a list of changed components:
1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll
1.Iwonder.dll
2.whenmsft.exe
3.willsee.dll
4.youcan.dll
5.usemore.exe
6.than8_3.dll
7.notation.dll
8.innames.exe
9.1984want.scr
10.itsdos.dll
11.back.txt
You're right. MS has posted a blog here which pretty much confirms what you said. What I am really interested to see is if Slashdot will post a correction.
This space for rent.