Nothing stealthy about this Windows Update update

Nothing stealthy about this Windows Update update

Summary: For years, Microsoft has occasionally updated its Windows Update client software automatically on systems that are configured to check for updates. This has been true even when Windows Update is set to simply check for (and optionally, download) updates but not to install them.

SHARE:

For years, Microsoft has occasionally updated its Windows Update client software automatically on systems that are configured to check for updates. This has been true even when Windows Update is set to simply check for (and optionally, download) updates but not to install them.

That decision led to a flurry of negative publicity about “stealth” Windows Update updates last year, triggered when one of those automatic updates caused problems on a small number of Windows XP systems whose owners used the repair option from the installation media. Most of those customers were surprised to find that the culprit was an update they never realized they had installed.

At the end of July, Microsoft is going to make some changes to the infrastructure of its Windows Update back end, and as part of the change it will begin delivering another update to Windows XP and Vista systems (as well as systems running Windows Server 2003 or 2008). This time, though, the plan is to communicate the details well in advance and to provide more notice before and after the process.

I spoke yesterday with Microsoft product manager Michelle Haven, who told me that the primary purpose of the update is to improve performance, scanning more quickly for updates and delivering those updates more quickly. It won’t change the way Windows Update looks or feels, she says. In a related blog post, Haven says Microsoft has “invested heavily in reducing the amount of time it takes the Windows Update agent to scan to see if new updates are available. In this case, we’ve seen some instances of the scan times on some machines decreasing almost 20 percent.”

Unlike previous Windows Update updates, this one isn’t sneaking in under anyone’s radar. In addition to the Microsoft Update blog, this update will be documented in an updated version of Knowledge Base article 946928 (“Information for network administrators about how to obtain the latest Windows Update Agent”) and will be available for download there.

One additional change provides a notification in the Windows Update history with a link to additional details. This screen shot show what the Windows Update log will look like after the updated agent software is installed.

Details of automatic update to Windows Update client software

If you want to opt out of this update until you’re certain that it won’t cause problems on your system or network, you’ll need to completely disable Windows Update. On systems running Windows Vista, that means selecting “Never check for updates” and on Windows XP it means selecting “Turn off Automatic Updates.” The update will be applied if any other option is selected (including “Download updates but let me choose whether to install them” or “Check for updates but let me choose whether to download and install them”).

And because I knew the question would come up in the comments here, I asked whether this update has anything to do with anti-piracy or Windows Genuine Advantage features. The answer was a categorical no: “There is no WGA component in this client update.” A follow-up e-mail message from a contact at Microsoft’s PR agency confirmed this information for me.

Topics: Software, Operating Systems, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

40 comments
Log in or register to join the discussion
  • Still got it wrong?!?!

    What part of "check for updates but let me decide" do they not understand???
    Techboy_z
    • Their reasoning

      This update is qualitatively different from the updates they offer for Windows itself, In fact, once the server infrastructure is updated you cannot check for updates on your machine without installing this update. It is therefore a mandatory update.

      If you refuse this update, the effect is the same as turning off Windows Update. So, as they make clear, if that's what you want to do, then turn off Windows Update.
      Ed Bott
      • Flawed reasoning

        Last time they did this, my system was automatically rebooted during the night and I lost important work I was doing. This is unacceptable, I could have sued them.

        If I refuse this update, that's my decision, but they gotta give users the choice to refuse, if they wanted to be warned about updates. What part of "Let me decide when to install updates" don't they understand?
        luch3
        • You do have a choice to refuse

          Did you read the article? I'm just curious how you could have missed the following:
          [i]If you want to opt out of this update until you?re certain that it won?t cause problems on your system or network, you?ll need to completely disable Windows Update. On systems running Windows Vista, that means selecting "Never check for updates: and on Windows XP it means selecting "Turn off Automatic Updates."[/i]

          It makes perfect sense that if MS is changing the way their update server communicates, that you will no longer be able to use the update service until you update the client. What you can't do is stay with your old update client and have it continue scanning for updates because after the server is updated, your client isn't speaking the same language any more. Either update your client or turn updates off and download them manually from Technet, your choice.
          NonZealot
          • I thought I already opted out

            I thought I already opted out by choosing "Let me decide when to install updates". Of course I understand that I can totally disable Windows Update, but how is one going to know if they don't read ZDNet? I don't consider that to be a proper warning to more casual users.
            luch3
          • What would you consider a proper warning?

            [i]I don't consider that to be a proper warning to more casual users.[/i]

            I can accept that. What would you consider a proper warning?
            NonZealot
          • How about something simple...

            There is an update available. Do you want to install?

            Not that hard. Beats the one they did by force (even with
            update turned off) and totally $%##% me.
            Bruizer
          • You didn't opt out

            Opting out is if you turn off Windows Update (or Microsoft Update). By choosing the Check or Download Only options you are choosing a preferred installation method for updates that relate to the Windows operating system, to Microsoft Office and to other covered Microsoft software. The Update program is the lone exception and must update itself to deliver the updates you want for those programs.
            Ed Bott
          • Oh yes he did

            You are arguing semantics. I won't argue the EULA since I haven't read it. Neither can most consumers keep up with the lengthy barrage of EULAs from all their installed software.

            The intent of the user is key, and what Microsoft should and did not honor. He asked to download updates and be given the choice to install them. The Microsoft Update update could have downloaded, thrown an admin message it is waiting to install and no further updates would be available. Additionally Windows should NEVER intentionally shut down automatically. If there is a critical update installed requiring a reboot, another admin message should tell the user until they update their computer is vulnerable.

            Microsoft is not respecting their users, and until they do, they deserve all the criticism they get and more.
            colinnwn
          • If only...

            there was a way to support multiple implementations at the
            one time. Say we call this technology versioning.

            Maybe we can use this version information to direct clients of
            one version to a different back-end to clients of a different
            version. This light allow a transition period from the different
            versions.

            Sorry this is crazy stuff, it'd never work;-)
            Richard Flude
          • Try it with 800 million users

            You really don't want to have to maintain two server farms with unpredictable loads.
            Ed Bott
          • Number of users irrelevant, total load is the key

            "You really don't want to have to maintain two server farms
            with unpredictable loads."

            Partition your 1 server farm into 2 logical farms. As users
            move from one version to the next you redeploy more
            servers from one logical farm to the other.

            But who am I compared to the geniuses at MS (thankfully
            with an army of apologists)?;-)
            Richard Flude
          • Good point

            I suppose you are right, MS could try to come up with a versioning scheme so that the 0.01% of people who are fundamentally opposed to updating the update mechanism could be made happy and the 99.9% of ABMers would have to find some other non-issue to explain why they hate Microsoft today. Maybe they calculated how many paying customers they would lose if they went with the simple solution and how many they would lose if they went with the more complicated solution that had the greater chance of negatively affecting mass amounts of people and they figured the simple solution was better. Personally, I agree. We are being told up front that this change is coming and that we can control when it affects you by simply turning off the update service and if this is what drives you away from Microsoft and into the loving arms of Apple who always care about backwards compatibility (hehe, sorry, can barely write that with a straight face), then chances are you had already made up your mind. :)
            NonZealot
          • Or switch to a real update technology

            When windows finally gets a package manager and works out
            their dependency hell the MS fanboys will be singing it's
            praises, but for now it's just apologise for their master.

            Happy rebooting;-)
            Richard Flude
          • An analogous situation...

            ...would be MMOs like Warcraft or Guild Wars, or indeed any online game. To be able to play you have to have the latest version of the game client.

            The WU upgrade is the same - they are upgrading their servers to be faster and more efficient. In order that we can talk with their new servers we require an updated version of the software. I don't see anything sinister about that - it's just common sense, and in the long run, better for all involved.
            Ben_E
          • Latest version of their software

            I remember when M$ pushed out the "latest" update of their software. That "update" included the now infamous WGA bulls---.

            Because of that, I do not trust M$ when they say they are updating my software. I would rather do it myself, at least then I know what is being updated.
            fatman65535
          • Does It?

            If it is merely performance enhancement, then we know
            what it must be: a more efficient indexing and protocol.
            There's no black magic. Why cannot their servers also
            provide updates to clients who speak old-protocol old-
            index? Eventually performance considerations will cause
            the migration of the customer base.

            Of course, if there's obfuscation about (perhaps an
            unspoken security issue), then faster updates are the
            hamburger patty and something else is the hidden pill.
            DannyO_0x98
          • Maybe because...

            Servers require maintenance, and if you have two sets of databases and protocols and indexes and other back-end infrastructure to maintain, you need more people and you have more things that can go wrong.

            By your logic, why not keep the next-to-last WU client? And the one before that, and the one before that? In your system, you would be forced to upgrade every other time, at least. So where's the benefit?
            Ed Bott
        • They don't see this as an update

          To Microsoft, the updates in question are the ones that the service offers or delivers for your Microsoft products. This new client software (let's not call it an update) must be installed for them to honor your choice.

          I am checking with Microsoft to see if this requires a reboot. I'm pretty sure the issue you're referring to was a different one, caused by an actual update to Windows. I'll edit this post when I get an answer.
          Ed Bott
          • I have now officially heard it all...

            Ed, I think it's time to put down the Microsoft coolaid and step away. They don't see this as an update? And you're convinced that isn't just a PR person doing a little PR spin? I'd like to ask you what I feel is a relevant rebuttal to that little statement... If it's not an update, why is it being distributed through Windows UPDATE? Sorry dude, but if I had gotten a response like "Oh, but this is't an update" that would have been the very first question out of my mouth. Windows Update is for updates, right?
            jasonp@...