What Microsoft can teach Apple about software updates

I was stunned and angry when I saw Apple Software Update offering Safari 3.1 for Windows, with the check box obligingly selected and the Install button awaiting a click. Apple's defenders say it's no big deal that an update mechanism intended to deliver security fixes has been co-opted to help Apple with its ongoing hostile takeover of the Windows desktiop. I think Apple is dead wrong in the way it’s gone about using its iPod monopoly to expand its share in another market. Ironically, an excellent model for how its update program should work already exists. It’s called Windows Update, and it embodies all the principles that Apple should follow. See for yourself with this image gallery.
Written by Ed Bott, Senior Contributing Editor on

Last summer, I looked at Apple’s announced plans for its Safari web browser and wondered out loud, Is Steve Jobs planning a hostile takeover of the Windows desktop? Apple’s decision last week to begin aggressively pushing Safari to any Windows user running iTunes (in other words, anyone with an iPod or an iPhone) made this part of my earlier post look downright prescient:

Does any Windows user want Safari on their current system? Unlikely. Does Steve Jobs want as many Apple logos as possible on the Windows desktop when it’s running on Apple hardware? Absolutely. Think of it as a hostile takeover of the Windows environment by someone who is an acknowledged master at the art. Just ask the music industry.

I got to see this most recent move by Apple up close and personal last week. For Christmas, I gave my wife an iPhone. Based on her response, it was one of the best gifts I’ve ever given; she raves about it and uses it more than any gadget she’s ever owned. I helped her set it up, gritting my teeth at the mandatory installation of iTunes on her PC, but accepting it and turning on Apple Software Updates to make sure she keeps up to date on the many, many patches for iTunes. And several weeks ago I reminded her that she has to take update requests seriously. Most of them are issued for security reasons, and I want her PC and our network to be secure.

So I was stunned and angry when I saw Apple Software Update pop up on her PC last week. There were no updates for iTunes or QuickTime, the two Apple programs I installed for her. Instead, using the same mechanism that delivers security updates, Apple Software Update was offering Safari 3.1 for Windows, with the check box obligingly selected and the Install button awaiting her click.

For the record, I think Apple is dead wrong in the way it’s gone about using its iPod monopoly to expand its share in another market. Ironically, an excellent model for how this update program should work already exists. It’s called Windows Update, and it embodies all the principles that Apple should follow.

Compare for yourself: see my image gallery comparing Apple Software Update and Windows Update. Which company does a better job of disclosure, consent, and respect for the customer?

Those principles aren’t esoteric or new. For the most part, they represent well-accepted behaviors that define the way software companies should respect their customers. Companies that deliver network-connected software that contains potential security vulnerabilities have a responsibility to offer regular updates to repair those issues. The right way to do it involves these four principles

  • Opt-in is the only way. The update process should be completely opt-in. The option to deliver software should never be preselected for the user.
  • Offer full disclosure. The software company has a responsibility to fully disclose what its software does, and the customer should make the opt-in decision only after being given complete details about how the update process works.
  • Offer updates only. Updates should be just that. They should apply only to software that the customer has already chosen to install.
  • Don’t mix updates. Updates that are not critical should be delivered through a separate mechanism.

In this post and the accompanying image gallery, I’ll walk you through how Apple offers its updates and how Microsoft does the same thing. After you see both procedures in action, you tell me who’s got it right and who’s doing it wrong. Note that I’m not asking you to accept my point of view. Look at the evidence and decide for yourself.

Here's the Apple way:


When you install iTunes as part of setting up a new iPod or iPhone, the update option is selected by default. In other words, you must opt out of automatic updating. There’s no disclosure of what this option means, and several screens make references to updates to license agreements you never accepted. The license agreement for Apple Software Update does not describe what the software does. By default, Apple Software Update is set to check for “updated software” every week. This setting is not disclosed, nor can it be changed except after installation. After you install iTunes for the first time, Apple Software Update runs and offers Safari 3.1 for Windows. You can clear the check box for Safari and then close the Apple Software Update dialog box, but when the Update program runs again a week later, you’ll be offered Safari again. The only way to make it go away is to leave the Safari item selected and use a well-hidden option to suppress this update.

And now the Microsoft way:


When you set up Windows for the first time, you see a screen that asks you to choose your update options. It's an opt-in system. There are abundant links to Help text and web pages that explain what each option does, as well as a link to the Update Services Privacy Agreement. Updates are downloaded and installed for Windows only, based on the preferences you set up initially. You can opt in to Microsoft Update, which enables updates for Microsoft programs other than Windows. There is ample explanation of what the options mean, and you must jump through several hoops to opt in to this program. Even if you choose to opt in, external programs such as Silverlight 1.0 are listed as Optional updates. The only way to see the list of Optional updates and install them is to visit a separate page, manually click the check box, and then click Install.

Compare those two systems in respect of the principles I outlined earlier. Apple offers an opt-out system, offers no disclosure, and mixes potentially unwanted software with its security patch updates. By contrast, Microsoft has a scrupulously maintained opt-in system, with full disclosure every step of the way.

Unfortunately, some people who spend most of their time in the Apple universe believe what they hear about the monster from Redmond, which leads even very smart people like the normally perceptive Dave Murdock, whose Inner Exception blog is on my must-read list, to get it absolutely backwards:

Windows Update (now Microsoft Update) pushes new software on [users], Silverlight is the latest example.

That’s wrong. Double wrong, in fact. Windows Update is not the same as Microsoft Update. As you can see, it’s a 100% opt-in program, and even when you choose to use Microsoft Update, there’s a clear, bright line between security-related updates and those that are non-critical. If you visit the image gallery I’ve put together, you can see for yourself that Silverlight is not offered automatically. In this case, at least, the knee-jerk criticism of Microsoft is misplaced.

All browsers have security-related issues. Safari is no exception. Adding any major application to a computer, especially a new browser, is not a decision to be made lightly. Even John Gruber of Daring Fireball, who enjoys pretty much the same relationship to the Mac universe as I do to the Windows world, agrees with me. First he quotes a reader, who “pretty much nails it”:

I’m all in favor of programs updating themselves — especially potentially network-exploitable apps like iTunes or QuickTime — but companies shouldn’t abuse that to push entirely unrelated software on end users.

And then Gruber adds:

The reason reactions to this controversy have been so polarized is that we’ve been mostly arguing about the wrong thing: how or whether Apple should offer new applications to Windows users via the current Software Update app. The problem is with the design of the Software Update app itself.

Absolutely correct.

Cupertino, get your photocopiers ready. In this case, at least, it's the right thing to do.

Editorial standards