Microsoft warns users of coming update to Windows Update

Preannounces update after customers raised Cain over 'stealth' upgrade last year

Microsoft has announced it will upgrade Windows' update mechanism later this month, a warning that comes nearly a year after the company issued a similar upgrade without informing users.

Last September, reports of Microsoft conducting a "stealth" update of its Windows Update (WU) service angered users and put the company on the defensive.

"Beginning at the end of this month and continuing over the next few months, we'll be rolling out an infrastructure update to the Windows Update agent," said Michelle Haven, a product manager in the Windows Update group, in a posting to the team's blog late last Thursday.

Haven went on to say that the update, which would affect both Microsoft's back-end update infrastructure as well as the client-side software necessary to use WU directly or access it through a Windows Server Update Services (WSUS) server. She also said users would see few, if any, visible changes in the WU software or process, but that scanning performance would improve. "We've invested heavily in reducing the amount of time it takes the Windows Update agent to scan to see if new updates are available," she said. "We've seen some instances of the scan times on some machines decreasing almost 20 per cent."

Microsoft revises the WU infrastructure and client software annually, said Haven.

Haven's pre-release announcement was in stark contrast to last year, when users raised a ruckus after discovering that Microsoft had updated files related to the Windows Update client even when they had disabled the operating systems' automatic installation option.

Microsoft's response then was that it had engaged in the practice before, and the client-side software needed to be updated -- no matter what the user settings -- in order to guarantee receipt of future security patches.

Haven made the same case last week. "To avoid a false sense of security, the Windows Update client automatically checks for and installs any available infrastructure updates anytime a system uses the Windows Update service, independent of the settings for how it handles updates," she said.

The only setting that will not result in the WU client software being updated, Haven added, is the "off" option, which is labeled "Turn off Automatic Updates" in Windows XP and "Never check for updates" in Windows Vista.

Some users weren't happy, even with Microsoft's advance notice. "It [is] unfortunate you didn't take the opportunity of XP SP3/Vista SP1 to fix this obviously incorrect behavior and regain users' trust, especially after the contraversy [sic] this caused back in September," said a user identified only as "thingy" in a comment to Haven's post. "As it is, you are still ignoring an explicit user instruction to 'don't download or install things on my machine without my permission'."

Last year, after the initial reports of WU's stealth updating, Microsoft acknowledged it could have done a better job informing users. "The point of this explanation," said Nate Clinton, a WU program manager in September 2007, "is not to suggest that we were as transparent as we could have been; to the contrary, people have told us that we should have been clearer on how Windows Update behaves when it updates itself.

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments
[]