» Confirmation of stealth Windows Update | Hardware 2.0 | ZDNet.com

» Confirmation of stealth Windows Update | Hardware 2.0 | ZDNet.com

September 13th, 2007

Confirmation of stealth Windows Update

Posted by Adrian Kingsley-Hughes @ 3:46 am Categories: Microsoft, Stealth Update Tags: Microsoft Windows Update, Information Technology, Update, Stealth, Microsoft Windows, Adrian Kingsley-Hughes

+69

82 votes Worthwhile?

I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I’ve detected its presence on a machine at the PC Doc HQ.

At the PC Doc HQ we have several systems set not to update. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don’t update automatically - and within seconds I found what I was looking for.

Which files are updated depends on the OS you are running. The updated files on Vista are:

• wuapi.dll
• wuapp.exe
• wuauclt.exe
• wuaueng.dll
• wucltux.dll
• wudriver.dll
• wups.dll
• wups2.dll
• wuwebv.dll

And on XP SP2:

• cdm.dll
• wuapi.dll
• wuauclt.exe
• wuaucpl.cpl
• wuaueng.dll
• wucltui.dll
• wups.dll
• wups2.dll
• wuweb.dll

The test system was running Windows XP SP2. Reports and rumors suggest that this update was being pushed out on or around the 24th of August so I fired up Event Viewer and scrolled down to this date … and here’s what I found:

Here’s the entry showing the update kicking off.

Update completed successfully - but not the lack of information regarding the update.

Here’s one of the updated files.

These updates without notification is a slippery slope. I just don’t like the idea of having updates foisted upon systems without being aware that they are coming in and having the option to postpone them. Why? Simple. IT’S MY PC!!! If a user chooses not to have updates installed automatically, Microsoft needs to respect this decision. Period. If this is not possible, notifications should be made after the update has been installed clearly identifying the updates, describing what it does and giving users a way to roll back the system if they want to.

Stealth updates - Right or wrong?

• Wrong (95%)
• Right (5%)

Total Votes: 3,752

Loading …

Thoughts?

• Blog This
• E-mail
• Print
• Sphere

Adrian is a technology author who has devoted over a decade to helping users get the most from technology. He also also runs a popular blog called The PC Doctor. See his full profile and disclosure of his industry affiliations.

Previous post

Talkback - Add your opinion

Most Recent of 85 Talkback(s)

Linux/*BSD are harder to use

That's fine if you can live with the hodgepodge of programs and utilities in free OS's like Linux and *BSD, which don't seem to be integrated very well. I just spent two days trying to get NIS workin... (Read the rest)

Posted by: cjcantwell@... Posted on: 09/13/07 You are Logged In | Log out

Common knowledge *NEW* whisperycat | 09/13/07

hardware? no... *NEW* linuxoverwindows | 09/13/07

Should not be a surprise. After all.... it's Microsoft. *NEW* shawkins | 09/13/07

Microsoft knows better *NEW* jabramo@... | 09/13/07

RE: Common Knowledge *NEW* jay@... | 09/13/07

As usual... *NEW* BitTwiddler | 09/13/07

Right. And Apple thinks the iPhone is theirs *NEW* John Zern | 09/13/07

I agree, but *NEW* bmgoodman | 09/13/07

Your iPhone belongs to your carrier. *NEW* Resuna | 09/13/07

Not the computer, *NEW* cashaww | 09/13/07

MS in compliance with EULA *NEW* bmgoodman | 09/13/07

That's a load of... *NEW* John E Wahd | 09/13/07

Local Laws? *NEW* ken.ryan@... | 09/13/07

who is going to sue them>? *NEW* linuxoverwindows | 09/13/07

yup the EULA covers their collective rear ends *NEW* voska | 09/13/07

Staying off the net to avoid MS intrusions *NEW* hjkarten | 09/13/07

Eula doesn't apply here *NEW* voska | 09/13/07

Well technically they didn't break in.... *NEW* John E Wahd | 09/13/07

Same could be said with that hacker *NEW* voska | 09/13/07

Again a guess but.... *NEW* danm_50@... | 09/13/07

That's the problem *NEW* mannyamador | 09/13/07

MS / EULA *NEW* CodeBubba | 09/13/07

I agree --- likely within the terms *NEW* danm_50@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* MadBastard | 09/13/07

Sorry, buddy *NEW* Chad_z | 09/13/07

About the $5.00...... *NEW* devlin_X | 09/13/07

This is a apples and oranges comparison but in California *NEW* bka1959 | 09/13/07

Legal Action *NEW* donfitz@... | 09/13/07

Unbelievable *NEW* Chad_z | 09/13/07

Anyone ID a patch #? *NEW* johnay | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* frankbicknell@... | 09/13/07

Automagic Updates *NEW* CodeBubba | 09/13/07

Just updating Windows Upate client? *NEW* Chimp | 09/13/07

The problem is not the content of the update. *NEW* rick.agolia@... | 09/13/07

Yes Please Please, EULA reform!! *NEW* LittleGuy | 09/13/07

Product Life Cycle *NEW* rick.agolia@... | 09/13/07

Is it time to block MS with your firewall? *NEW* Kungfoofighterx | 09/13/07

Fallout? What fallout? *NEW* rolf.ernst@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* dingers@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* iacobus | 09/13/07

Disabling the Service *NEW* rick.agolia@... | 09/13/07

An Analogy *NEW* nova81426 | 09/13/07

So you contacted MS and they said what? *NEW* devils_advocate | 09/13/07

Read the EULA *NEW* lefty.crupps | 09/13/07

Privacy gone! *NEW* mike-roeser@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* sm@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* coachgeorge | 09/13/07

What is going on with ZD Net?? *NEW* coachgeorge | 09/13/07

One of these day i hoppe that *NEW* Quebec-french | 09/13/07

What about admin rights? *NEW* ebb@... | 09/13/07

Good question, because if it does *NEW* bka1959 | 09/13/07

vector for attack *NEW* grgcro@... | 09/13/07

Re: Is it time to block MS with your firewall? *NEW* dgrainge | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* CCBluebird | 09/13/07

This is the point *NEW* rolf.ernst@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* cne@... | 09/13/07

It doesn't matter what the EULA says. *NEW* Dr_Zinj | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* jon.bjerke@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* Fred.Weasley88@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* mike.murphy@... | 09/13/07

Updates Done With Update Service OFF *NEW* filemakerpro | 09/13/07

I think he means turning off the updates service in services.msc *NEW* D. W. Bierbaum | 09/13/07

will microsoft bomb iran? *NEW* elbillo_2000@... | 09/13/07

If Microsoft has a backdoor then others do too *NEW* virtualcharlie | 09/13/07

I'm no hacker...but would'nt this be considered a hole? *NEW* Laff | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* gtbrown@... | 09/13/07

When is enough enough? *NEW* sfaid | 09/13/07

Government? *NEW* No_Ax_to_Grind | 09/13/07

I just wonder sometimes *NEW* KrazyGuy | 09/13/07

At the very best this is stupid and at worst criminal. *NEW* No_Ax_to_Grind | 09/13/07

The State *NEW* fromthehip | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* songofsnow@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* intertrade | 09/13/07

Don't Use a sanctioned copy! *NEW* scooke_z | 09/13/07

I'm done with Windows. *NEW* Magicman73 | 09/13/07

We had problems *NEW* wwwsupport | 09/13/07

Franklinisim *NEW* tony@... | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* portraitjungle | 09/13/07

A little more info.... *NEW* techboy_z | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* spstanley | 09/13/07

Control Freaks 101 *NEW* osreinstall | 09/13/07

Another reason to install a 3rd party firwall. *NEW* AZson | 09/13/07

EULA Legality Issue *NEW* ceh4702 | 09/13/07

RE: Confirmation of stealth Windows Update *NEW* tpatric99 | 09/13/07

Linux/*BSD are harder to use *NEW* cjcantwell@... | 09/13/07

What do you think?