Confirmation of stealth Windows Update

Confirmation of stealth Windows Update

Summary: I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I've detected its presence on a machine at the PC Doc HQ.

TOPICS: Windows

Breaking news - Latest from Microsoft 

I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I've detected its presence on a machine at the PC Doc HQ.

At the PC Doc HQ we have several systems set not to update automatically. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don't update automatically (it was set to download and notify) - and within seconds I found what I was looking for.

[UPDATED - Just to clarify, I can confirm that this stealth update was applied to systems where Windows Update was set to "Download updates but let me choose whether to install them" and "for updates but let me choose whether to download and install them" but not on systems set to "Never check for updates."

Which files are updated depends on the OS you are running. The updated files on Vista are:

  • wuapi.dll
  • wuapp.exe
  • wuauclt.exe
  • wuaueng.dll
  • wucltux.dll
  • wudriver.dll
  • wups.dll
  • wups2.dll
  • wuwebv.dll

And on XP SP2:

  • cdm.dll
  • wuapi.dll
  • wuauclt.exe
  • wuaucpl.cpl
  • wuaueng.dll
  • wucltui.dll
  • wups.dll
  • wups2.dll
  • wuweb.dll

The test system was running Windows XP SP2. Reports and rumors suggest that this update was being pushed out on or around the 24th of August so I fired up Event Viewer and scrolled down to this date ... and here's what I found:

Here's the entry showing the update kicking off.


Update completed successfully - but not the lack of information regarding the update.


Here's one of the updated files.


These updates without notification is a slippery slope. I just don't like the idea of having updates foisted upon systems without being aware that they are coming in and having the option to postpone them. Why? Simple. IT'S MY PC!!! If a user chooses not to have updates installed automatically, Microsoft needs to respect this decision. Period. If this is not possible, notifications should be made after the update has been installed clearly identifying the updates, describing what it does and giving users a way to roll back the system if they want to.

[poll id=175]


Topic: Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Common knowledge

    Dear Windows user. You may have paid for the PC harware, but you don't own it. Microsoft do. I thought giving up ownership of the hardware you aoid for to the vendor of the OS on it, was the whole point of you clicking "I Accept" to the Microsoft EULA?
    • hardware? no...

      actually, when you buy a computer, the hardware is yours. read the eula, its the software that is not yours. you are leasing it so to speak. actually licensing the use of the software. but it is kind of like a car dealership coming to your house while you are sleeping, getting into your car and making some changes to the car, then leaving.

      hey, i work in computer tech support, we have all kinds of car analogies.
      • Message has been deleted.

    • Should not be a surprise. After all.... it's Microsoft.

      This is the company that will do whatever they feel like doing, whenever they feel like doing it. If it won't cost them lost sales or time in jail, they will feel free to do it, right or wrong.

      They know full well they run people in the behind with things like this because the vast majority of computer users don't have a clue.

      As long as we keep using Windows, this will happen. Get used to it.
      • Get a Clue - Read what you agree to

        I work in the industry, and while I agree that electing not to have windows updates run automatically, I also actually took the time to read the EULA before agreeing to it. Appearently you didn't. Here's the reality of it. Microsoft OWNS Windows, you don't. Since it's theirs, and ownership has specific implications, such as being able to modify what belongs to you. While it's sneeky, because they know most people haven't read the EULA, it is theirs to do with what they will. If you don't like it, use Lynux. There are many user-friendly incarnations of Lynux out now. Better security, no secret updates, open source, and it's FREE!
        • The problem is they are being deceptive.

          Even though it says they can do what they want in the EULA, why is there nothing stating you may be subject to stealth updates in the Automatic Updates Control Panel? Why is it that this is not spelled out for you in this control panel? The control panel that is supposed to control if you would like your computer automatically updated or not?!? It doesn't, and that's the problem. Deception!

          Why isn't it spelled out for you right there in that control panel?!? Do you think if MS told people that setting your computer to not receive automatic updates really meant they can update whatever the heck they want, people would be ok with that? Heck NO!

          It's deceptive, plain and simple. You give me an option in the OS to keep my computer from being updated and you totally bypass that option is BOGUS!!
          Kid Icarus-21097050858087920245213802267493
          • What is being

            updated is mainly dlls. These are updated all the time without the user being aware of it. Each time you install software into your system, it will check to make sure that the dlls provided are up to date with the ones it needs. Most software installations do not bother to tell you that they are updating the dlls, they just do it. This has been a long-standing practice that goes back to the days when DOS was king.
          • Apples and oranges

            We're not talking about some software you ELECTED to install. We're talking about patches being applied WITHOUT YOUR KNOWLEDGE.

            When you install a piece of software and it updates DLLs, even though you may not know exactly what it's doing, you initiated the software install.

            In any other venue, when software is installed without the user's knowledge, it's considered "spyware" or trojan software.

            Apples and oranges.
          • You hit the nail....

            Apples and oranges, that why i swiched to Apple years ago. Damn!!! i love my Mac's and OS X.

            You poor Windows XP/Vista souls.

            But, don't whine you got what you choose.
          • DLLs or not...

            They are still making changes behind the scenes, without your consent, even if you elected to not have the changes made.

            The reason it is such a terror has been stated by the author of the article. If they think it's okay do do this, how long do you think it will be before they start slipping other stuff, not so necessary to the safe operation of your machine in? In other words, how long before they start slipping spyware into your pc covertly trying to 'uncover acts of piracy' or whatever other B.S. reason they want to pull out of their arses? How long before they decide that they don't want you ripping that CD that you paid money for to your mobile device, because they are 'sure' that you are going to be distributing it? Prejudicial guilt anyone?

            Some companies, Microsoft especially, seem to think that a EULA gives them Carte Blanche to do what they want to you. They are dead wrong. A few massive constitutional based class-action lawsuits, which are going to be coming soon I would bet, will tax even their resources. Tampling on people's privacy may have been granted with the patriot act, but an election is coming up soon, and things will change if 'We The People' as a whole deem it so. All it takes is getting us off our butts and doing something about it.

            Us? Off our butts and be politically active? Ha. Yeah, right. Never mind my earlier comments. I think I'll go invest in the company that makes Vaseline, cause there's going to be a big demand for it soon. Stop voting for the big money parties and make lobbying illegal and we've got a start towards protecting our privacy since both seem to overly influenced by the almighty dollar more than what's best for the country.
          • Here Here!!

            Well Said!!!!
          • And that is the problem...

            If I have a computer running an application that depends on an older version of a dll I do not want it updated period, that is why you turn off automatic updates. As someone who works in IT on an extreamly tightly controlled baselined system we DO NOT WANT UPDATES! Every patch and update to the OS or app on the system gets thoroughly tested in a separate test system to ensure it will not break any of or apps. The only updates that get implemented rapidly are critical security updates, and we watch the system closly afterwards to ensure it does not cause any havoc. We have a very exacting and controlled baseline we maintain for stability and predictability. It is often a double edged sword, as it often limits our toolset for administration, but the system is rock solid.

            What do you think a major company would say if their critical applications on their servers whent down all because of a stealth update to a dll rendered them usless? It could potentially cost them millions. This is a worst case scenario, and not very likely, but it could still happen. That is the real reason there is the option to turn off automatic updates in my mind.
          • Well since the service cant be trusted ; - )

            disable it

            sc config wuauserv start= disabled

            You could use group policy to do this as well, but if you have an AD domain you should be using something like WSUS.
        • learn to spell

          Its Linux, not "lynux"
          • spelling

            Microsoft Windows is owned by Microsoft Corp.
            Micro$oft Windoze and M$Windoze are in the Public Domain.

            And you thought Bill was short for William?
            Micro$oft Corp., maker of M$Windoze,
            Billionaire Gates & Company.
        • EULA is probably illegal......

          No one reads the EULA....If Microsoft's EULA was tested in the courts, it would most likely be throw out. My computer is mine, to use as I see fit. If I do not want the updates, then I shouldn't be forced to get them. This is especially bad when your base system is modified when test application compatibilities.

          My "pretend" acceptance of the EULA is solely to make the software run. Regardless of other opinions, I don't accept Microsoft's EULA, but hit the appropriate button only to make the software work. Rest assured, if you try to get a refund on the software, you will fail miserably.

          Microsoft may own Windows, but as long as I don't do anything illegal with it, I can use it however I like. Therefore the EULA is invalid, and I will disregard it appropriately.
          linux for me
          • What were you smoking when you thought this up? LOL

            I GUARANTEE it's legal, and more than that, it's so legal that it's freaking watertight. In addition to that, it's got so many loopholes and exceptions covered you'd think it was running for office. Know how I'm so sure? Because MS is a corporation that is capable of paying lawyers to write these things out. You don't think that Gates is sitting there pen in hand spelling out EULAs do you? Hell no. There is a $1000/hour lawyer (actually their paralegal) doing this work to ENSURE that it's legal from top to bottom.

            They may be sneaky, but their not retarded. LOL.
          • Many lawers claim the opposite though

            Many lawyer claim the EULA would never stand up in court.

            Quite simply Microsoft can put anything they want in that EULA. You put that it's OK for me to break into your home and kill you on friday nights between 6 and 7. It doesn't make it legal to commit murder because I have contract with you.

            There was one EULA I read from Microsoft that stated you couldn't install any non Microsoft software on your PC if you installed this particular software component from Microsoft. I clicked ok then did what I wanted installing lost of non Microsoft software.

            In the end the only thing holding up a EULA is your belief that it is valid. Take it court assuming you have the money to waste and see if it hold up.
          • The EULA is a form of contract...

            In the U.S., to my knowledge, contract has to be SIGNED by both parties to be legal.

            The only way the EULA is "legal" is if people don't challenge it in court. If we don't question the validity of a particular "contract", then the court assumes that it is valid. At that point you are just arguing over the details of the EULA.

            However, when the first major lawsuit against software EULAs finds that EULAs are not a valid form of contract, and are therefore not binding upon the end-user, then that will be the effective end of the EULA.

            Perhaps in the future, after EULAs are held to be invalid, Microsoft will require all end-users to sign a genuine contract in order to use their software?
          • What were you smoking?

            Probably the same thing those "lawyers" or "paralegals" were smoking when they edited the "EULA", if they thought everybody would take their hallucinations seriusly.

            Like you have never driven over the speed limit, even though it's a well known fact that it's "against the law"? Know what I mean?
            Ole Man