Kerry said:
"The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'"
In some cases it appears you have to check for updates to get the
update. If you do touch the update site the Windows Update service is
updated no matter what you have your settings set to. I have mine set to
"Check for updates but let me choose whether to download and install
them". When I was notified of new updates I checked what they were,
downloaded and installed them. The stealth update came along for the
ride. Clearly I didn't have the opportunity to choose this update.
Microsoft says it was a necessary update in order for me to get the
other updates. That may be true but it is still an update that I didn't
get to choose if I wanted it or not. With all of Microsoft's resources
how hard would it be to notify me that there was an update I needed
before I could download the other updates? If the problem is one of
security then this is very scary indeed. If this relatively obscure back-channel
method for updating had been compromised then full disclosure of
how is needed so we can protect ourselves in the future. For me, I'm
going to turn the service off and only turn it on when I want to check
for updates. That way at least that attack surface will only be open for
a short time.
These "Minor Faux Pas" MS are making are not doing their reputation any
good at all among those in the IT field who need to do everything
possible to reduce the threat of compromise.
In my reading, the EULA and the wording of the settings dialog
both "imply" that if you adjust auto updating to your preference it will
do as you request.
I have one small app on a machine at work that demands that I manually update
and restart, else people are at risk while the restart takes place;
thus ANYTHING that interferes with the running of the app is a hazard.
MS have clearly just proven that their software can be error prone and
fail, as can their infrastructure, just the same as anybody else's can.
They also just discovered that what "Should be" an unnoticeable quick
fix sometimes is not.
Whilst this particular instance may not have caused me any problem, the
fact that it took place without my being aware of it is a concern; I had
"assumed" that auto updates off = MS not interfering with anything
unless requested.
Had this update somehow caused the system to crash, there is another
aspect. We are all used to having to turn auto off and manually update,
that is a given, and when something fails you have a starting point.
Being unaware of this potential problem means that a great many IT
managers would have spent a lot of time looking in the wrong place.
Multiplied by the number of MS systems out there this is a huge cost.
As you rightly point out, the possibility of some malicious use being
found for this is worrying enough, but add to that the fact that, as in
the WPA debacle, MS obviously don't fully grasp the full implications of
failures and how far reaching they can be, and it is even more worrying. I don't
"blame" anyone for not being able to foresee every possible
circumstance; that would be unfair, because with the complexity of
systems these days I don't think anyone could... but I blame them for
not understanding that they can't foresee every possibility.
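One way to script the "service off except while I'm checking" routine Kerry describes above. This is an added example, not a script from this thread or from Microsoft; it assumes an elevated PowerShell session on a Windows host, uses the real Windows Update service name (wuauserv) and the Windows Update Agent COM API (Microsoft.Update.Session), and the function names are this example's own.

```powershell
# Added example, not the poster's own script. Assumes an elevated PowerShell
# session on a Windows host; 'wuauserv' is the Windows Update service name.

function Disable-WindowsUpdateService {
    # Stop the service and keep it from starting on its own at boot, so the
    # update back-channel is closed until an operator deliberately opens it.
    Stop-Service -Name wuauserv -Force -ErrorAction SilentlyContinue
    Set-Service -Name wuauserv -StartupType Disabled
    Get-Service -Name wuauserv | Select-Object Name, Status, StartType
}

function Get-OfferedUpdates {
    # Ask the local Windows Update agent (COM API) which updates are offered
    # but not yet installed, so the operator can review the list before
    # anything is downloaded or applied.
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    $result   = $searcher.Search('IsInstalled=0')
    foreach ($u in $result.Updates) {
        [pscustomobject]@{
            Title    = $u.Title
            KB       = ($u.KBArticleIDs -join ',')
            Severity = $u.MsrcSeverity
        }
    }
}

function Invoke-ManualUpdateCheck {
    # Open the service only for the duration of the check, then close it
    # again whether or not the search succeeded.
    Set-Service -Name wuauserv -StartupType Manual
    Start-Service -Name wuauserv
    try {
        Get-OfferedUpdates
    }
    finally {
        Disable-WindowsUpdateService
    }
}

# Typical use: Disable-WindowsUpdateService once, then run
# Invoke-ManualUpdateCheck whenever you want to see what is on offer.
```

Two caveats worth keeping in mind. First, this narrows the window of exposure as Kerry intends, but it does not stop the agent updating itself during that window; anything the service does while it is running should be checked afterwards (for instance, comparing file versions under the Windows Update agent's directory and reviewing the WindowsUpdate log before and after a check). Second, `Search('IsInstalled=0')` contacts the update service, so run it only on the schedule you have decided on, and treat the list it returns as the point at which you choose what to install.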