Is Microsoft Doing a Stealth Update?

We have received several emails from reader’s today regarding concern over reports that Microsoft had begun patching files on Windows XP and Vista without users' knowledge.  It was reported that even though the user had turned off auto-updates some of the files were still being updated.

There is a lot of concern about these updates and rightfully so.  One of our reader’s, Wade, posed some very interesting questions in regard to this issue.  Here is what he had to say:

 “In the case of compliance auditing, does this revelation mean that unless we completely block access to the Microsoft update servers at the firewall, we cannot attest that we have full knowledge and control of all changes to our systems?  Does this functionality classify as malware, in that changes to "your" system are occurring without your explicit knowledge or consent? (Ignoring the fact that you "signed" the EULA absolving Microsoft from any wrong doing in any situation).”

 As I thought about his questions, I have to admit that I agreed with him and that it does raise some issues in the area of compliance auditing and the ability to say without a doubt we have full control and knowledge of all changes made to our system. I was concerned about how I would answer this question on my next audit.

So I decided to check with Microsoft to see what this was all about.  I quickly received information that has helped to at least put my mind at ease.  From what I can tell from the Microsoft information this update is not taking place automatically, but rather takes place when you go to their update site. So if you never go to the update site or you never check for updates… you will not get the updates.

Microsoft’s article contains this:

 “Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates.

So, I guess I feel a little better about this.  There is still the possibility, I suppose, Microsoft could install some other program via this process with out our knowledge. (Malware and virus authors having been silently installing these programs for years).   For this reason we have to remain vigilant, watchful, and not become complacent when it comes to our computers and our networks.   

Thanks to everyone that contributed links and information.




279 Posts
ISC Handler
Sep 13th 2007

Sign Up for Free or Log In to start participating in the conversation!