Confirmed: Microsoft is fiddling with system files without permission

Confirmed: Microsoft is fiddling with system files without permission

Summary: If this turns out to be true, it has some very serious (and disturbing) implications ...

TOPICS: Microsoft, Windows

Breaking news - Latest from Microsoft

[Updated: Sept 13, 2007 @ 6.50 am - After checking a system set not to automatically update I can confirm that this stealth update is real.]

If this turns out to be true, it has some very serious (and disturbing) implications:

vistalogosmall.jpgMicrosoft Corp. has started updating files on computers running Windows XP and Vista, even when users have explicitly disabled the operating systems' automatic update feature, researchers said today.

Scott Dunn, an editor at the "Windows Secrets" newsletter, said that nine files in XP and Vista -- but not the same files in each operating system -- have been changed by Windows Update, the Microsoft update mechanism, without displaying the usual notification or permission dialog box. The files, said Dunn, are related to the XP and Vista versions of Windows Update (WU) itself.

The files on Vista are:

  • wuapi.dll
  • wuapp.exe
  • wuauclt.exe
  • wuaueng.dll
  • wucltux.dll
  • wudriver.dll
  • wups.dll
  • wups2.dll
  • wuwebv.dll

And on XP SP2:

  • cdm.dll
  • wuapi.dll
  • wuauclt.exe
  • wuaucpl.cpl
  • wuaueng.dll
  • wucltui.dll
  • wups.dll
  • wups2.dll
  • wuweb.dll

If this turns out to be true (and I want to make it clear that I've not confirmed this) then this will be a very serious betrayal of trust on Microsoft's part. Not only is it hard enough to keep track of changes done to a Windows installation as it is, but if Microsoft (or other companies) start updating systems without consent, this will lead to all sorts of trouble. On top of that, it paves the way for companies to make silent updates to technologies such as DRM and anti-piracy features.

Microsoft needs to address this issue and address it fast because the fallout from this could be very damaging.


Topics: Microsoft, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Its their OS which you rent

    so why shouldn't they update if they want?
    • Its their OS which you rent

      Not sure I have updates turned off correctly? I have these disabled, Auto Up in Sys Prop, WGA in Pluggins, Autoupdates in TskMan Process(C:\WINXPRO\system32\svchost.exe -k netsvcs), BITS, RAS, WRD, UPnP and Remote Registry.

      I don't have any of the updates mentioned that I didn't authorize later than July 27, 2007.

      I'm sure the next update I authorize will likely include the ones in this discussion. MS may simply be trying to use its update system more efficiently. I just want to use the software and get on with my business. Cheers!
      • Control of Business Processes

        is not accomplished by inserting head in sand nor is defense of personal privacy which, in the US of A, is legally guaranteed via its constitution. BUT ONLY IF IT'S ENFORCED WITH AN IRON CUDGEL IN HAND.
        Jambalaya Breath
    • That will change

      With the patent changes on the horizon I believe (we do need it) that this entire flap over who owns software will be addressed. In the end, it is the software developers that will change.

      It is not renting, if it were renting, I would have rights that I don't have with ownership. Renting means that someone else will fix all problems associated with the rental unit. It doesn't matter if that rental unit is 1 year old or 1o years old, if I have no rights of ownership then I don't need to fix a corrupted DLL file in Win 98. I call MS and they do it for me..for free.

      Now does MS fix corrupted things in their 98 Win / OS? No. So do I own it or rent it. That position is used my software companies to their benefit. If it is broke....your problem you own it. If you want to sell can't it is rented.

      So software companies are slowly bringing the question toward a court decision. I don't think software companies want to fall under rented because if they do, the tenet of rental control will also confer expected rights to the renter. Rights like, fix my win 98 OS.

      Speaking of Win98 I have an old box that works quite well. I was rummaging through the registry yesterday and cam across something I didn't recognize. It was Fortezza. I did a search and apparently it is trademarked by the US government's National Security Agency. None other than the NSA. Kind of brings to mind a line from an old movie, Butch Cassidy and the Sundance kid where the lawman following them can't be shaken and the one guy says, "Who are those guys?"

      Oh and BTW, when you are renting the person you are renting from doesn't have explicit rights to come into your home unannounced or other such annoyances. So MS, if this is true can we all say.......CLASS ACTION!
      • I guess if you look at things a certain way...

        We never really own anything. Since we're only given a limited reign on this planet,
        you could say we're all renting or maybe we're caretakers. Some people and
        organizations collect information and take priveleges and use them to control other
        people and organizations. We have laws, but often the laws protect the people who
        are the controlers.
        • Ethereal tonight

          Getting quite ethereal tonight eh?

          <We never really own anything. Since we're only given a limited reign on this planet,>
          • At first

            I thought you were referring to the software "Ethereal".

            "Ownership"during my time alive means that -I- get to control the "owned" thing during that lifetime.

            "Rental" means that I obtain certain defined rights of use while others retain ownership. They agree to maintain those rights on my behalf in exchange for a fee.

            "License" means exactly and only what the license says it does. It is a civil contract which is limited only by your ability to negotiate well (fat chance) and by the laws of the nation where the contract applies.

            Have you read a good End User LICENSE Agreement recently?

            You either accept the Microsoft EULA or you use some other operating system.
            Jambalaya Breath
    • Renters have rights...

      I suppose you would expect a landlord to enter your house anytime they want even if you left a note on your door to contact you first if they needed in.
      • Actually

        in the US, it's the landlord who has to let you know that he (she, they) wants access except under emergency conditions or in cooperation with the law.

        With software, though, there might be an argument made that such access is limited by the DCMA. Erm, maybe not.

        Either way, if you don't want Microsoft poking around in your computer without even letting you know it's doing so, you will need to switch operating systems.

        Steal (my reasonable expectation of privacy) once, shame on you. Steal it twice, shame on me.
        Jambalaya Breath
        • Shame on them!

          Its not shame on me. I have no good alternative to what I do with MS OS's (XP) and remember I bought my WinXP! If car manufactures were to come and change your car (diminish it) after buying it they would be sued and yo would prob. never buy from them again! This is true of any other products in the world so why should MS get away with it!
    • Try again.

      They have no more right than the owner I RENT my house from to walk in WITHOUT my knowledge or consent.
      • aaahhh but does that apply to software????

        did you read your EULA as to what you signed up to allow and not allow?
        I dare you to take MS to court over this update as yhour Rent arguement. They have you by the gonads so Good luck
        • Many things are so but

          There are many powers that companies and governments assume until someone has the $$$$ to take them to task. It is then when we see if those powers are of legality or just usurped powers.

          That EULA that so many point to could probably (if someone had the $$$ to take to task) be considered a contract of adhesion because it was not freely bargained. It is a one sided agreement and many times when push comes to shove, a contract of adhesion are considered void by courts.

          In the past thirty I've signed plenty of contract of adhesion type agreements and ones that don't lean in my favor. But I want the job and so I sign it. That doesn't make it a legal offer but........

          Nobody has touched the EULA because frankly, there is no money to be made in taking the case.

          It's kind of like those little slips of paper you sign for your kid to go on a field trip, the paper that is to relieve those transporting your child of all liability. The problem is they are not valid and are only there to keep those that don't know to sit down and shut up. The legal hole is big enough to drive a Kenworth semi through.
        • Sure, no problem

          Many courts have ruled that EULAs are not laws and cannot override laws.
          • Sure, sure.

            No problem, all you have to do is have the money to outlast the richest company in the world in court... and hire a lawyer to go against the best battery of lawyers that money buys...

            You go first, we'll watch from here.
      • Better check

        May I suggest you ask your attorney about that right that you assume. In most States there are laws against it. :) Sorry about that but you can't just walk in that rented house.

        Try entering that house in the day with your pass key, no renter at home and you could...just could see the Constable at your door this evening.
      • If you live in an apartment...

        All they have to do is put a note on your door and they can come in and pretty much
        do what they want.
        • Place a not

          You say if you place a note...well yes, you have given them permission.
  • It's their right

    MS created the OS, people chose to install it, so MS has the sovereign right to do whatever it wants to your Windows machine (I'm sure that users all agreed to that when they clicked on the EULA they didn't read).

    Of course, actually complaining about it (or even worse, withholding your patronage from MS because of it) simply proves that you're an anti-business extremist with no appreciation for the fiduciary responsibility corporate executives have to look after the the interests of their stockholders (and nobody else).
    John L. Ries
    • Re: It's their right

      "withholding your patronage from MS because of it) simply proves that you're an anti-business extremist "

      extremist for withholding my patronage?? what a JOKE. I will withhold "patronage" from any company I deem unworthy to receive my "patronage".