Microsoft changes Windows files on user PCs without permission, researchers say
Silent mods to XP, Vista occur even with auto updates off, claims 'Windows Secrets'
Computerworld - Microsoft Corp. has started updating files on computers running Windows XP and Vista, even when users have explicitly disabled the operating systems' automatic update feature, researchers said today.
Scott Dunn, an editor at the "Windows Secrets" newsletter, said that nine files in XP and Vista -- but not the same files in each operating system -- have been changed by Windows Update, the Microsoft update mechanism, without displaying the usual notification or permission dialog box. The files, said Dunn, are related to the XP and Vista versions of Windows Update (WU) itself.
"We started hearing from readers that Windows was modifying files in the middle of the night, even when Windows Update was turned off," Dunn said today. Some machines' event logs pinpointed Aug. 24 as the date when the invisible updates began, but on one of Dunn's personal machines, the log showed the changes taking place this week.
Dunn identified the changed files on Vista as wuapi.dll, wuapp.exe, wuauclt.exe, wuaueng.dll, wucltux.dll, wudriver.dll, wups.dll, wups2.dll and wuwebv.dll.
And on XP SP2, he said, the changed files were cdm.dll, wuapi.dll, wuauclt.exe, wuaucpl.cpl, wuaueng.dll, wucltui.dll, wups.dll, wups2.dll, and wuweb.dll.
In the past, Dunn noted, any changes to WU have been presented to the user for approval. "They at least warned you in advance," he said.
Not so this time, said Brian Livingston, the founder and editorial director of the newsletter. "We don't completely understand the [WU] technology, but apparently this doesn't go through the Auto Update settings. A lot of companies are very sensitive about changes made to their PCs, and although there's absolutely no sign of any malicious intent on the part of Microsoft, if it starts doing this, people should have a lot of concerns."
Microsoft gives users some flexibility in how their XP- and Vista-powered PCs retrieve and install updates and patches from the company's servers. In Vista, for example, users can turn off automatic updates entirely; check for, but neither download or install, any fixes; or download files but not install them.
Although Microsoft did not immediately respond to a request for comment, Dunn provided Computerworld with a copy of an e-mail he said "Windows Secrets" had received from Microsoft's online partner support. In the message, Microsoft only hinted at a reason for the changes: "7.0.6000.381 is a consumer-only release that addresses some issues after .374 was released. It will not be available via WSUS [Windows Server Update Services]."
"What's waking up at 2 a.m. and downloading files?" asked Livingston.
"Windows Secrets" plans to offer more details tomorrow on its Web site and to subscribers via its normal e-mail channel.
Related Articles and Opinion



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- VMware View Optimization Guide for Windows 7
- This document provides guidelines for configuring a standard Windows 7 image to be used within a VMware View™ environment, providing administrators with the...
- Microsoft Volume Licensing Comparison - Small/Med. Business
- This quick-reference document lets small and medium organizations (i.e. those with five or more devices) to easily compare the available Microsoft Volume Licensing...
- Microsoft Volume Licensing Comparison - Enterprise
- With this quick-reference document, you can easily compare the available Microsoft Volume Licensing programs for enterprise organizations with 250+ devices, and tailor a...
- Microsoft Open Value Program Guide
- In this overview, see how Microsoft Open Value provides a flexible, affordable way for small to midsize organizations (i.e. those with five or...
- HP Software Licensing & Management Solutions for Microsoft
- See how HP Software Licensing & Management Solutions (SLMS) can help you identify the best Microsoft licensing program for your needs, get the... All Windows White Papers
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
- Virtualize Business-Critical Applications with Confidence
- Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere®... All Windows Webcasts