Slashdot Mirror
Microsoft Forces Desktop Search On Windows Update
An anonymous reader writes "The Register is reporting that the blogosphere is alight with accusations of Microsoft forcing Windows Desktop Search on networks via the 'automatic install' feature of Windows Update — even if they had configured their systems not to use the program. Once installed, the search program began diligently indexing C drives and entire networks slowed to a crawl."
Is it still isn't very good compared to Google desktop indexing.
This sounds like a dumb mistake. While they might have meant to install it on all computers, I doubt they meant to turn it on if it had previously been turned off. Microsoft does not benefit by deliberately pissing off its users in this way.
Using openSUSE instead of Windows since 9th of October, 2007 and liking it.
This is getting ludicrous already.
It's not even a friggin' security update either.
Desktop search is NOT required on the desktop. It's a gimmick application (albeit a useful one for some people).
Microsoft is abusing it's position as the sole control point of Windows Update to push more of their crap into the market.
Additionally, Google may have a legit antitrust complaint here, as Microsoft looks to be trying to "IE vs Netscape" them on the desktop search. Unlike browsers, which can be opted not to be used, this desktop search is being auto-pushed, can't be refused, and it's detrimental to system performance to run two desktop search apps in parallel.
Fuck the Storm botnet. We have bigger problems with a piece of malware called "Windows Update".
Chas - The one, the only.
THANK GOD!!!
This only happens on Windows XP, when you have either Office 2007 or Windows Live Photo gallery installed.
Not saying it's OK, just mentioning the facts.
8 of 13 people found this answer helpful. Did you?
Critics cried foul on the principle that users should have absolute control over their machines.... The revelation that Microsoft is pushing yet more installations not explicitly agreed to by administrators is not likely to sit well with this same vocal contingent.
It makes me ask: What kind of administrator is using automatic updates on their machines anyway?
Let's face facts, while Microsoft should take much of the blame on this any admin should know at this point that automatic updates is opening yourself up to all types of undesirable installs.
This is nothing new and it's sad to see "professionals" in the field are still leaving security updates and other installs to go through without even sending a glance it's way first.
Dedicated Cthulhu Cultist since 4523 BC.
However to say that by default it was indexing the entire C: drive is erroneous. The default behavior is to index user files in "doc and settings" and then your outlook files after you open that program.
Yes, this has happened to one of my colleagues where I work. All his workstations are under control of a WSUS server and so should not install any MS updates that he doesn't approve. Yet his workstations all installed the latest Windows Desktop Search client.
Welcome to Live Search, NSA Edition
[_______________] [search]
( ) the web
(o) all computers running Windows
[X] force update
[X] slow down computers
[ ] obey law / constitution
[X] forward trade secrets to us corps
Windows Update, you're the whore
Who makes my computing such a chore
I can't take this shit anymore
Woo woo be doo
Windows Update, you make me sore,
When I disable you, you ignore!
Windows Update, you're the bane of my existence, it's true!
Doo doo doo doo, doo doo
Every day when I
Make my way to the workstation
I find a little fella who's
downloaded some new MS aberration
Chunk-a-lunk-a-bluescreen!
Windows Update, you're a cunt
And I'm not sure I could be more blunt
Windows Update, I'm awfully cross at you.
Every day when I
Make my way to the workstation
I find a little fella who's
downloaded some new MS aberration
Windows Update, you're a cunt
And I'm not sure I could be more blunt
Windows Update, I'm awfully sick of -
Windows Update, I'd like stick a brick in -
Windows Update, I'm gonna download Ubuntu!
Doo doo, be doo
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I'd remain anonymous if I used that awful offal word "blogosphere" too. Blagh!
-Ralph Blog
(Ok, not really, that was a pseudonym, I'm joking. OW! STOP IT!)
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Unless someone is doing a lost of posting, it seems real enough alright.
Also, lets face it. It smells true. MS ain't that smart, it truly seems like they would think it a good idea to install indexing software on every desktop in a network and have it index all the shares.
Because slashdot ain't what it used to be, I shall now explain why this is bad. It would be like EVERY computer, trying to be its own internet search engine and spidering the net for itself.
You don't do that. You index your own files, and use a central index for everything else.
However MS ain't that smart and thinks that you should index locally everything on the network. This is really a fundemental flaw in their design of this tool. It really shouldn't be allowed to index the network without explicit permission.
So why the forced update? It seems to have given itself extra permission so that it was installed without admins having thecapacity to block it. Well, remember who we are dealing with. This is MS. The company that knows best. Their may be an evil plot, or it may simply be that the Desktop Search constained a serious security hole that needed to be patched, so they even installed it on non-desktop machines.
Frankly trying to explain MS is like explaing the actions of a mad man.
We will never know why MS truly did this, stupid blunder, evil plot, insanity?
And no, it won't drive people to linux. This is just another anecdote in the long miserable live of a windows admin. I suppose, I don't do windows, and gladly take a lesser paycheck for that (although oddly enough I get payed more then all the windows admins I know, but hey, life ain't fair). Linux, for the money and the babes. Oh okay, not the babes, but the free beer is nice.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
there are a few misleading points in the article.
1. it doesnt AUTOMATICALY install with auto updates, or windows updates, it is in the optional software section of windows updates, thus does not come via automatic updates at all, and in windows updates you have to manualy select it.
2. you are prompted before install
3. once installed, it does not automaticaly start indexing everything in C, it promts you and asks what you would like to be indexed, and when/how.
portfolio
QA of patches is very difficult. Lots of time pressure. Lots of things to check. Easy to overlook things. It's not like Windows and other modern Megasoftware have any coherent set of specifications that can be tested against. Or that test procedures would be perfect if there were specificiations. Or that a thorough test could be run in a realistic amount of time. This looks like yet another QA screwup.
Better to defer installing updates for a few days I think and let others Beta test the fixes. There's some risk to that also of course. But not as much. At least not in my estimation.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Gees, we have better quality control where I work. and we don't have any.
thank God the internet isn't a human right.
Here they go and make linux MORE secure by adding code to it, opensource code so it is known to be safe, while spying on windows users.
This proofs it, Linux users are true patriots who love their country and will defend it with their lives and therefore can be trusted with their freedoms, while windows users are all terrorists who hate our freedom and way of live and need to be spyed upon.
Makes sense. If you see someone using windows, report them to the proper authorities, the freedom of the world depends on it.
Friends do not let friends use Windows.
This is a message will auto-destroy a windows box in 10 seconds.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
The article refers to windows update services and not windows update.
Thanks for playing though
I hate that crap, as someone said in a review of some Linux distro, I do not know why people *need* a file indexing service like Beagle, personally I have all my documents pretty well ordered, and preffer to use the filesystem structure facilities to order my data (directories, subdirectories, etc) and for me Beagle and the like are just resource and TIME (they interact with the slowest component in the PC in very heavily) wasters. WHY IS IT TURNED ON BY DEFAULT??? WHY ISNT IT POSSIBLE TO TURN IT ON EASLY??? WHY CANT I TURN IT OFF IF I DO NOT HAVE ROOT ACCESS??
The only time I kind of liked such programs (and the only program I liked) was when I used Coopernic Pro agent, which indexed PDFs and CHM books (I have a *huge* 30GB PDF/CHM library), but you could indicate (graphically, not via some obscure config file editing) which folders you wanted to check. Of course, Beagle does not index CHM.
Ubuntu is an African word meaning 'I can't configure Debian'
Ya, I'm gonna go ahead and call bullshit. Our company has a WSUS server that I manage, and the update came in as Not Approved. So either he approved it, or set the server to auto-approve anything, which would be his doing as well. Or maybe he doesn't realize that its not an Installed % that it shows, its an Installed / NOT APPLICABLE % that the column indicates. In other words, I have 39% in that column, because the update doesn't apply at all to 39% of computers in our company. No computers to which the update applies have it installed.
This applies to WSUS only, not the consumer Windows Update as everyone has mistaken it for. WSUS is the corporate, large-network version of managing and deploying product patches & upgrades to Windows machines (even if it's useful networks of any size really).
What I find bizarre is that this system, not Windows Update (which I stress again, is different) has been subjected to a patch that seems to auto-approve itself!
Under normal circumstances, each patch has to be approved (if set this way) by a network-admin before it will trickle out to workstations. This is the first time it would appear an update has approved itself.
throw new NoSignatureException();
For many of us, it died long LONG ago. For many, there's still a great deal of blind trust in Microsoft. Many people are losing trust in Microsoft yet at the same time cannot see an alternative. (For example, at an architectural firm... there's just NOT a Linux desktop alternative ... there's AutoCAD and Revit and that's pretty much *it*. I know there are Macintosh CAD packages, but they are not AutoCAD and/or Revit.)
:) Sure, Microsoft, go ahead and force your updates. Some people can roll them back because they don't trust your software any longer... even if they still use it.
So for those who don't trust Microsoft and use it anyway, there's stuff like Deep Freeze.
The problem here is in fact that the search has come as an update for Windows, rather than a separate product. Looks like the people that are affected are auto-approving updates as they come, which more or less half the reason you'd use WSUS in the first place - to test patch deployments before releasing onto the network at large.
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=2315860&SiteID=1
throw new NoSignatureException();
What is important is that it is there forcefully
For business users, it's one more unacceptable risk. Now that M$ has a means to carry out the more obnoxious clauses in their EULA, you can no longer ignore those clauses as ineffective. Even if you do trust M$ to respect your secrets, others can and will take advantage of this mechanism to root them out. Universal indexing is more than a business risk to Mozilla and friends, it's a business risk to everyone. Business users should be headed for the exits.
People who value their privacy should have left long ago.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Well on my computer the update downloaded and installed itself - even though I made a point NOT to click on the install updates button. The good news is that all you need to do is go to Add/Remove programs to get rid of the thing: http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=301681&SiteID=1
I declined this for my network via WSUS. It never set itself to "auto-install" as some of the comments I'm reading say it did, at least not in my network environment.
Saw it in WSUS, declined it, end of issue.
End of lesson. You may press the button.
"How to fix the cable"
"How to clean a pool"
"How to deliver pizza"
If you have your PC set to notify before downloading updates, you can simply uncheck it when the yellow shield pops up. When you close the window a box will pop up asking if you want to install it later. Just uncheck the box again and it will never ask again.. Worked for me!
That's my point, and probably why I got modded troll. The basis of the article is that MS is forcing this, and used to indicate further evil on Microsoft's part. No, the problem is the sysadmin who has their WSUS and user profiles set to blindly accept and push the updates, or the users who have thier home systems to blindly accept and install updates. Just because MS put it in up for update doesn't mean you have to use.
But, pardon me for pointing out that this isn't an MS issue, its a USER issue and points out the knee-jerk anti-MS bashing that goes on here. Sure, there are things to bash MS about, but this isn't one of them.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
The desktop search automatically approved itself in spite of the settings at our company. I manage the WSUS environment in our corporation (about 2500 machines get updates from the WSUS servers). I'm looking at the WSUS management console right now, and the only updates that are set to approve installation automatically are "Windows Server Update Services Updates." We do automatic detection of critical and security updates, but the desktop search thing wasn't even in those categories. The first I heard of this update was a frantic IM from a client support person who told me to remove the new update from the WSUS server because it was creating havoc for the help desk.
No, the real issue is that you shouldn't be forced to get an update you didn't consent to.
And I have to wonder what problem everyone else is having, because my PC duly popped up an automatic update notification for this earlier today, and I told it to go away and not come back, with no trouble and no observable adverse consequences.
Why do I get the feeling that this story is caused by a lot of people who don't know how to configure automatic updates properly, and a lot of FUD because of the PR cock-up a few weeks ago? You can argue about how they classified the update, but certainly nothing has been "forced" onto my PC today as a result of the update going out.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I don't get it. I am sure millions of slashdotters are scratching their head too. If you have porn, why do you need a wife?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Who has wsus configured to install every microsoft update? Have the wsus thing download the updates but not push them to clients until someone approves them. Yes it means that some admin will have to actually click on the update and approve it but shouldn't that be part of their job?
I thought the desktop search used a service called "search". Disable that service and the desktop search doesn't run.
Did you really say...
I think they mean that their WSUS downloaded and installed it without any prior notice, which is the way any MS shop should have it set up.Wrong, wrong, WRONG, wrong, wrooooOOONNNNGGG!
We review every patch and update that comes in. Any sysadmin who blindly accepts and pushes deserves what they get.
But, don't blame that on MS.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
Doesn't having WSUS download and automatically install every update kind of make WSUS pointless to begin with?
WSUS exists so admins can pick and choose which updates go out. Just having it let everything go through with out testing it is, well... I cannot come up with a single reason as to why anyone would want to configure it that way.
I manage my companies WSUS server and this update also came in as Not Approved. Except when I looked at the details in the status report it is approved for a fuckload of computers. It doesn't show up as being approved when you look anywhere except in the detailed report. The weirdest thing is that it isn't approved for all computers, if you sort by approval status there are still a few hundred computers which have it marked as Not Approved. It seems like it just randomly chose a bunch of groups or something, no way to really tell though since it doesn't show up as being approved for any groups. It really makes no sense, I've been running WSUS3 since the beta and I have never seen anything like this. At this point it is really too late, especially since this stupid update doesn't support removal. Microsoft has fucked us good and they still haven't even said anything public, it's absurd.
Link, please.
;-)
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
...but I don't have to deal with any of this M$ bullshit by sticking with Windows 2000. Frankly, they hobbled it enough as it is, now it appears that it's XP's turn...
Windows 3.1x calc: 3.11 - 3.10 = 0.00
The entire process is fubared. After it auto-installed on all our desktops despite our WSUS server, we went in and specifically set it to declined. It is still reinstalling itself on some (but not all) of our user desktops. This is an incredible nightmare.
It's not about you, it's about companies. They have to leave the automatic updates on for security updates.
Fact. I have WDS 2.x installed. It works with Kerio. 3.x doesn.t
/q /norestart
Fact. Months ago I approved WDS 3.01 update in Automatic Updates WSUS (install.) For months, this update has only updated WDS 3.x to 3.01 update. It has not updated 2.x nor has it installed on machines without WDS.
Fact. Microsoft re-released this same update to WSUS. Re-released meaning it is the same patch in WSUS. Meaning that because I have WSUS set to retain approve/disapproved settings when patches are re-released, the new WDS 3.01 retained it's approved status. They also re-released Windows 2003 SP3, for example. Same patch, just a few minor changes.
Fact. When I came in yesterday, WDS 3.01 was automatically installed on 50+ of my machines, and I didn't want that. It was slated to install on all 500+.
This update to existing WDS 3.01 patch should have been released as a new patch in WSUS so that it adopted my default approval settings, not as a minor change & re-release to adopt existing approval settings.
To uninstall WDS you run
C:\WINNT\$NtUninstallKB917013$\spuninst\spuninst.exe
I turned off Windows automatic update a long time ago. I now selectively pick security updates that I think are relevant. The reason for this is that I have had various occasions where my PC started to play up after an update. When I rolled back the update things were fine again.
.net stuff. They tend to use MS SQL Server and of course use any other quick solution Microsoft throws at them.
.net framework, DirectX and MSIE and I am sure this list is really much longer. As much as I have not cared for alternative OS'es, Now I am losing my market value with Borland Delphi I think I rather re-educate myself to work with an alternate OS instead of becoming a Microsoft lapdog.
Yes, IT is forced the Microsoft way. There used to me several powerful producers of programming languages. Most notably Borland. Borland shot itself in the foot by neglecting Delphi and Microsoft took the small remainder of that market. Now almost all of the windows software houses use Microsoft products. They are Microsoft Certified, member of MSDN use almost exclusively MS visual Studio either for the old C++ or more often now the
Gradually the IT world as been super glued to the Microsoft way. Financial incentives are offered for those companies that have their software Microsoft Certified and on it goes. As a result software houses I work for have been changed from independent IT company to an exclusive Microsoft House and don't you dare to question the technology because most developers like the juicy bones thrown at them by Microsoft at regular intervals.
And of course as a result software users can not do anything else but go along with it. Your average software package today will require you already have MSI 3 windows installer,
Not sure why you were modded 'funny' - after testing, both for myself and others, I think that what you said is (partially) true.
I've had some *interesting* experiences wih strange M$ 'imcompatibilities' with GDS - see below.
My experience with both GDS and M$ so far:
GDS
1. Need to turn off 'advanced' features in Google, plus do not let it search your web cache, your web mail and deleted items, for obvious (security & usability) reasons.
2. If you let it index Thunderbird mail, it sometimes deletes / lost / corrupted the Thunderbird mailbox if you de-installed.
Clearly, not a trivial problem.
3. Integration with M$ products - notably Outlook - quite good.
4. Can have problems 'losing' files from index - don't get reindexed, even if force-reindex (sometimes).
5. Search results interface OK, but rather sparse and configuration options limited.
6. Gadgets are a pain, for most people. Turn 'em off, (easy).
M$ search.
1. Earlier versions much poorer and slower than GDS. Later ones better.
2. You *have* to install with latest version of Outlook in order to get rid of annoying 'click here to enble instant search' bar in your toolbar. GDS does not seem to work so well with later versions of M$ Office.
3. M$ search - once installed - works OK, although user interface is more cluttered, through attempting to offer more advanced search options...
4. Yippee! GDS then is de-selected as 'default', and Google as search engine in browser, and starts to crash...
More 'cookcoo wear' from M$?