News

Windows Security Program Accused of Changing Update Settings

Windows Live OneCare could be among the root causes of Microsoft's ongoing problems with unwanted automatic updates.

Windows Live OneCare could be among the root causes of Microsoft's ongoing problems with unwanted automatic updates on Windows programs and applications, according to a Windows enthusiast Web Site.

WindowsSecrets.com is reporting that its staff members found that OneCare, an OS security service featuring an integrated protection suite, silently changes Automatic Update settings. In doing this, the program causes the automatic installation of patches followed by an overnight reboot -- mostly at 3 a.m. -- despite every defensive measure a user might take against such a drastic modification.

"Based on our findings, we believe that this is Microsoft's way of telling the IT community what's good for them," said Scott Dunn, associate editor of the newsletter. "It not only updates your system for you but doesn't even tell you it's doing it. It's like they're saying: 'Go ahead and just trust us.'"

Microsoft does a poor job of informing users of the action. The only apparent mention of the forced change is buried deep a "Help" file.

This revelation is the latest chapter in the continuing saga of how Microsoft updates computers. Less than a week ago, Redmond suggested that components outside of Windows, such as foreign applications, were likely responsible for these unwarranted alterations and reboots, which confounded proponents and made critics skeptical. In September, the software giant admitted to tweaking the Windows Update apparatus in various OS versions without letting customers know.

Eric Schultze, chief security architect at Saint Paul, Minn.-based Shavlik Technologies, said that if the OneCare information is confirmed, "Microsoft could be eating crow."

"What this would represent is very poor communication between the OneCare team and the Windows team, and it's inexcusable. At the least they should put out a disclaimer letting customers know upfront and in bold terms about the fact that they were installing and rebooting or that these things can or may happen with the program," Schultze said.

Microsoft said Wednesday that the company was looking into the OneCare issue and reiterated that an ongoing investigation into the larger issue of Windows Automatic Update is still pending.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

comments powered by Disqus

Reader Comments:

Mon, Oct 29, 2007 radicalspud Anonymous

As long as Microsoft continues to assume that their software belongs to them in perpetuity, regardless of who owns the machine it's running on and how much the user has paid (to "license" it, remember), they will continue to pull shady BS like this. it's the end users' responsibility to do whatever is necessary to guard against this refusal to relinquish control over their products: turn off Automatic Updates that pull directly from M$; if you use WSUS, turn off ALL automatic approval, and spend the time to go through every update that comes through; don't deploy ANY updates, no matter how "critical" they claim to be, without testing on non-crucial machines first, and look on the Web for info about problems caused by patches; and don't install or uninstall OneCare if you have it, as it seems like it's asking for trouble.

Thu, Oct 25, 2007 Pat Anonymous

I also don't run OneCare on Vista and my computer changed settings and rebooted at 3am during the last snafu. Nice try Microsoft...

Thu, Oct 25, 2007 Dave Anonymous

OneCare may be installing updates automatically, but I don't run OneCare on my servers. All of a sudden WSUS pushed out Windows Desktop Search for Server 2003 to 52 of my servers without my approval. As you can imagine I'm not too happy about that. I think theres more to it all than a glitch or poor communication. I also don't think that Microsoft would need 'investigate' anything. They know exactly what their software does. If I'm wrong, then Microsoft has some deeper issues.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.