Monday, September 17, 2007

Microsoft Forces Stealth Updates Even without Automatic Updates On

Here is another one from the "Microsoft is smarter than you are" file.

Microsoft was recently exposed for pushing out updates to your computer even if you don't have Automatic Updates turned on. Their position is that they need to continue to update the Windows Update Service components in order to notify you of updates and "maintain the quality of the service".

This presents a huge trust issue for many, especially IT support personnel, myself included. The reasons that Microsoft has announced on this issue are somewhat valid, but still cause a trust issue. If they are doing this unilaterally with some components, what keeps them from updating other components that they choose to update at will? The fact that Microsoft tried to do this behind the scenes is quite alarming.

Partnering with BIG BROTHER

There are many that are totally outraged by this Microsoft trust issue. My take on it is that you knew what you were getting into when purchasing and choosing to run Microsoft products, so deal with it. If you don't trust Microsoft to write your OS and write patches for your OS, then go play with someone else's OS. Granted, there are not many choices that most corporate average desktop users can deal with and with that, many IT support personnel are stuck with Microsoft desktops. If Microsoft screws this up and some compromised code gets pushed out to your desktops, yes, it will hurt and screw you up for a few days, but think about the pain you would endure to attempt to convert those desktop users to Ubuntu, or any other Unix like environment. Ultimately, Microsoft would be at fault for leaving the back door open.

For more detail on the MS stealth updates:

http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx

http://windowssecrets.com/comp/070913/#story1