
Hardware 2.0

Adrian Kingsley-Hughes

Confirmation of stealth Windows Update

By Adrian Kingsley-Hughes | September 13, 2007, 3:46am PDT


I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I’ve detected its presence on a machine at the PC Doc HQ.

At the PC Doc HQ we have several systems set not to update automatically. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don’t update automatically (it was set to download and notify) - and within seconds I found what I was looking for.

[UPDATED - Just to clarify, I can confirm that this stealth update was applied to systems where Windows Update was set to "Download updates but let me choose whether to install them" and "Check for updates but let me choose whether to download and install them" but not on systems set to "Never check for updates."]

Which files are updated depends on the OS you are running. The updated files on Vista are:

  • wuapi.dll
  • wuapp.exe
  • wuauclt.exe
  • wuaueng.dll
  • wucltux.dll
  • wudriver.dll
  • wups.dll
  • wups2.dll
  • wuwebv.dll

And on XP SP2:

  • cdm.dll
  • wuapi.dll
  • wuauclt.exe
  • wuaucpl.cpl
  • wuaueng.dll
  • wucltui.dll
  • wups.dll
  • wups2.dll
  • wuweb.dll

The test system was running Windows XP SP2. Reports and rumors suggest that this update was being pushed out on or around the 24th of August so I fired up Event Viewer and scrolled down to this date … and here’s what I found:

Here’s the entry showing the update kicking off.

windowsstealthupdate_1_sm.jpg

Update completed successfully - but note the lack of information regarding the update.

windowsstealthupdate_2_sm.jpg

Here’s one of the updated files.

windowsstealthupdate_3_sm.jpg
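
A way to notice this kind of change on a machine kept at a fixed patch level, as an added example that is not from the original article: snapshot the version and hash of the Windows Update client files listed above, then compare against that snapshot later. It assumes PowerShell 4.0 or later (for Get-FileHash) and a hypothetical baseline file, C:\Baselines\wu-agent.csv, in a folder that already exists.

```powershell
# Added example, not from the article. File names are the ones the article
# lists for Vista and XP SP2; the baseline path below is a hypothetical choice.
$AgentFiles = 'cdm.dll','wuapi.dll','wuapp.exe','wuauclt.exe','wuaucpl.cpl',
              'wuaueng.dll','wucltui.dll','wucltux.dll','wudriver.dll',
              'wups.dll','wups2.dll','wuweb.dll','wuwebv.dll'

function Get-WuAgentSnapshot {
    param([string]$Directory = (Join-Path $env:SystemRoot 'System32'))
    foreach ($name in $AgentFiles) {
        $path = Join-Path $Directory $name
        # The file set differs per OS, so skip names that are not present.
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { continue }
        $item = Get-Item -LiteralPath $path
        [pscustomobject]@{
            Name          = $name
            FileVersion   = $item.VersionInfo.FileVersion
            LastWriteTime = $item.LastWriteTime.ToString('s')
            SHA256        = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        }
    }
}

function Compare-WuAgentSnapshot {
    param([object[]]$Baseline, [object[]]$Current)
    $old = @{}
    foreach ($b in $Baseline) { $old[$b.Name] = $b }
    foreach ($c in $Current) {
        $b = $old[$c.Name]
        if ($null -eq $b) {
            [pscustomobject]@{ Name = $c.Name; Change = 'Added'; From = ''; To = $c.FileVersion }
        } elseif ($b.SHA256 -ne $c.SHA256) {
            [pscustomobject]@{ Name = $c.Name; Change = 'Modified'; From = $b.FileVersion; To = $c.FileVersion }
        }
        $old.Remove($c.Name)   # whatever is left afterwards has disappeared from disk
    }
    foreach ($gone in $old.Values) {
        [pscustomobject]@{ Name = $gone.Name; Change = 'Removed'; From = $gone.FileVersion; To = '' }
    }
}

$baselinePath = 'C:\Baselines\wu-agent.csv'   # hypothetical location
$current = @(Get-WuAgentSnapshot)
if (Test-Path -LiteralPath $baselinePath) {
    # A baseline exists: report every file whose hash no longer matches it.
    Compare-WuAgentSnapshot -Baseline (Import-Csv -LiteralPath $baselinePath) -Current $current |
        Format-Table -AutoSize
} else {
    # First run: record the current state as the baseline.
    $current | Export-Csv -LiteralPath $baselinePath -NoTypeInformation
}
```

The first run records the baseline; later runs print one row per file that was added, modified or removed since then, with the old and new file versions.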

These updates without notification are a slippery slope. I just don’t like the idea of having updates foisted upon systems without being aware that they are coming in and having the option to postpone them. Why? Simple. IT’S MY PC!!! If a user chooses not to have updates installed automatically, Microsoft needs to respect this decision. Period. If this is not possible, notifications should be made after the update has been installed clearly identifying the updates, describing what they do and giving users a way to roll back the system if they want to.


Thoughts?


Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.


Talkback Most Recent of 513 Talkback(s)

  • Common knowledge
    Dear Windows user. You may have paid for the PC hardware, but you don't own it. Microsoft do. I thought giving up ownership of the hardware you paid for to the vendor of the OS on it, was the whole point of you clicking "I Accept" to the Microsoft EULA?
    whisperycat
    13th Sep 2007
  • hardware? no...
    actually, when you buy a computer, the hardware is yours. read the eula, it's the software that is not yours. you are leasing it so to speak. actually licensing the use of the software. but it is kind of like a car dealership coming to your house while you are sleeping, getting into your car and making some changes to the car, then leaving.

    hey, i work in computer tech support, we have all kinds of car analogies.
    linuxoverwindows
    13th Sep 2007
  • Should not be a surprise. After all.... it's Microsoft.
    This is the company that will do whatever they feel like doing, whenever they feel like doing it. If it won't cost them lost sales or time in jail, they will feel free to do it, right or wrong.

    They know full well they run people in the behind with things like this because the vast majority of computer users don't have a clue.

    As long as we keep using Windows, this will happen. Get used to it.
    shawkins
    13th Sep 2007
  • Get a Clue - Read what you agree to
    I work in the industry, and while I agree that electing not to have windows updates run automatically, I also actually took the time to read the EULA before agreeing to it. Apparently you didn't. Here's the reality of it. Microsoft OWNS Windows, you don't. Since it's theirs, and ownership has specific implications, such as being able to modify what belongs to you. While it's sneaky, because they know most people haven't read the EULA, it is theirs to do with what they will. If you don't like it, use Lynux. There are many user-friendly incarnations of Lynux out now. Better security, no secret updates, open source, and it's FREE!
    rnb3rd@...
    13th Sep 2007
  • The problem is they are being deceptive.
    Even though it says they can do what they want in the EULA, why is there nothing stating you may be subject to stealth updates in the Automatic Updates Control Panel? Why is it that this is not spelled out for you in this control panel? The control panel that is supposed to control if you would like your computer automatically updated or not?!? It doesn't, and that's the problem. Deception!

    Why isn't it spelled out for you right there in that control panel?!? Do you think if MS told people that setting your computer to not receive automatic updates really meant they can update whatever the heck they want, people would be ok with that? Heck NO!

    It's deceptive, plain and simple. You give me an option in the OS to keep my computer from being updated and you totally bypass that option is BOGUS!!
    Kid Icarus-21097050858087920245213802267493
    13th Sep 2007
  • What is being
    updated is mainly dlls. These are updated all the time without the user being aware of it. Each time you install software into your system, it will check to make sure that the dlls provided are up to date with the ones it needs. Most software installations do not bother to tell you that they are updating the dlls, they just do it. This has been a long-standing practice that goes back to the days when DOS was king.
    alaniane@...
    13th Sep 2007
  • Apples and oranges
    We're not talking about some software you ELECTED to install. We're talking about patches being applied WITHOUT YOUR KNOWLEDGE.

    When you install a piece of software and it updates DLLs, even though you may not know exactly what it's doing, you initiated the software install.

    In any other venue, when software is installed without the user's knowledge, it's considered "spyware" or trojan software.

    Apples and oranges.
    csilverman@...
    13th Sep 2007
  • You hit the nail....
    Apples and oranges, that's why I switched to Apple years ago. Damn!!! I love my Macs and OS X.

    You poor Windows XP/Vista souls.

    But, don't whine you got what you chose.
    hal9000mx
    13th Sep 2007
  • DLLs or not...
    They are still making changes behind the scenes, without your consent, even if you elected to not have the changes made.

    The reason it is such a terror has been stated by the author of the article. If they think it's okay to do this, how long do you think it will be before they start slipping other stuff, not so necessary to the safe operation of your machine in? In other words, how long before they start slipping spyware into your pc covertly trying to 'uncover acts of piracy' or whatever other B.S. reason they want to pull out of their arses? How long before they decide that they don't want you ripping that CD that you paid money for to your mobile device, because they are 'sure' that you are going to be distributing it? Prejudicial guilt anyone?

    Some companies, Microsoft especially, seem to think that a EULA gives them Carte Blanche to do what they want to you. They are dead wrong. A few massive constitutional based class-action lawsuits, which are going to be coming soon I would bet, will tax even their resources. Trampling on people's privacy may have been granted with the patriot act, but an election is coming up soon, and things will change if 'We The People' as a whole deem it so. All it takes is getting us off our butts and doing something about it.

    Us? Off our butts and be politically active? Ha. Yeah, right. Never mind my earlier comments. I think I'll go invest in the company that makes Vaseline, cause there's going to be a big demand for it soon. Stop voting for the big money parties and make lobbying illegal and we've got a start towards protecting our privacy since both seem to be overly influenced by the almighty dollar more than what's best for the country.
    Zorched
    13th Sep 2007
  • Here Here!!
    Well Said!!!!
    aallord
    13th Sep 2007
  • And that is the problem...
    If I have a computer running an application that depends on an older version of a dll I do not want it updated period, that is why you turn off automatic updates. As someone who works in IT on an extremely tightly controlled baselined system we DO NOT WANT UPDATES! Every patch and update to the OS or app on the system gets thoroughly tested in a separate test system to ensure it will not break any of our apps. The only updates that get implemented rapidly are critical security updates, and we watch the system closely afterwards to ensure it does not cause any havoc. We have a very exacting and controlled baseline we maintain for stability and predictability. It is often a double edged sword, as it often limits our toolset for administration, but the system is rock solid.

    What do you think a major company would say if their critical applications on their servers went down all because of a stealth update to a dll rendered them useless? It could potentially cost them millions. This is a worst case scenario, and not very likely, but it could still happen. That is the real reason there is the option to turn off automatic updates in my mind.
    wpshea@...
    13th Sep 2007
  • Well since the service can't be trusted ; - )
    disable it

    sc config wuauserv start= disabled

    You could use group policy to do this as well, but if you have an AD domain you should be using something like WSUS.
    Suicida|
    13th Sep 2007
  • learn to spell
    It's Linux, not "lynux"
    Grausam
    13th Sep 2007
  • spelling
    Microsoft Windows is owned by Microsoft Corp.
    Micro$oft Windoze and M$Windoze are in the Public Domain.

    And you thought Bill was short for William?
    Micro$oft Corp., maker of M$Windoze,
    Billionaire Gates & Company.
    wink
    harper@...
    13th Sep 2007
