Is Your Copy Of Windows Misbehaving?

According to the people at Windows Secrets, Windows might have been making changes to user’s systems without asking first, a situation that had been observed before, and denied by Microsoft.

Windows XP and Vista have started installing updates at shutdown, in certain cases, without displaying a warning or requesting permission, according to reports by several readers.

I don’t know about you, but I really don’t like this behavior. Though I know it was begun because people did not like the forced shutdown, or annoyances of being pushed to allow a restart. If, as I do, you leave your system on for days at a time, you frequently have issues when you finally do restart, or shut down the machine.

The forced-install behavior has been witnessed at least three times by Windows Secrets editors, but Microsoft says its procedure for Automatic Updates hasn’t changed in the last 10 months.

The behavior seems to occur only if a Windows user has Automatic Updates configured to “download updates but don’t install them” or “notify me but don’t install them.” If updates are scheduled to occur automatically, with no notice to users, the silent installation of updates would be expected.

This is the way my systems are all set, though I have not witnessed the behavior personally – I like to see that the updates are ready to be installed, and no download must occur as I wait for the updates to install.

Most Windows patches are desirable and have few unwanted side effects. A few updates, however, are known to disable or conflict with other software. For this reason, many individuals and companies require that all upgrades be researched or tested before anything is installed.

Numerous conflicts have caused users to take a cautious approach to updates. For example, WS contributing editor Susan Bradley reported in her July 10, 2008, column (paid content) that Microsoft patch MS08-037 completely disabled the Internet connection of machines that use the ZoneAlarm firewall. Many users can’t afford this kind of interruption of service and prefer to study each update before approving its installation.

The last description of Windows updates, and the havoc wreaked by it, is exactly why many users have gotten so wary of Microsoft, and it’s Windows products.

The newsletter from Windows Secrets continues to illuminate the reasons that the updates might be taking place without user input -

One theory to explain the forced installs is that the large number of patches Microsoft released on June 9 overwhelmed the Redmond company’s download servers. Ten separate security bulletins, some including numerous versions of patches, were announced that day — an unusually high number.

The extra demand may have caused some downloads to be incomplete. Incomplete downloads are known to disable the notification icon and possibly the approval dialog that’s supposed to appear during shutdown.

Microsoft described in Knowledge Base article 910340 on Dec. 5, 2007, how an incomplete patch download can prevent the notification icon from appearing.

The document says: “During periods of heavy download traffic, the Automatic Updates service can reschedule download requests on a day-to-day basis…. The Automatic Updates service is designed to resume and complete the download as quickly as possible. Usually, the update will usually be downloaded and installed in several days.”

This explanation is little consolation for Windows users who — due to company policy or any other reason — want to avoid installing the latest build of .NET Framework, Internet Explorer 8, or any other update that has known issues. If the forced-update bug strikes you, however, any updates that are in the queue will be installed without the opportunity for you to review them.

Microsoft has aroused scrutiny in the past for installing upgrades even though users have set Automatic Updates to “don’t install.” Windows Secrets was the first publication to report in a Sept. 13, 2007, article that Automatic Updates silently installs nine small executable files to upgrade itself, regardless of the AU setting.

In a follow-up story two weeks later, WS associate editor Scott Dunn reported problems caused by a silent AU upgrade that Microsoft began in July 2007. The new executable files prevented security patches from successfully installing on Windows XP if the Repair function of XP’s install disc had been run.

Paul Pottorff, senior product manager of Windows Update, stated in an e-mail interview that no similar silent upgrade has been installed by Automatic Updates since August 2008. He explains that there’s been no change to Windows’ auto-update routine since then that would explain the recent reports of forced installs.

Considering the number of Windows users, and the vast amounts of money Microsoft reaps from the sales of Windows, I’ve always thought a bit more research of the possible problems should be undertaken by the company before releasing the updates. It has always seemed to be a hit-or-miss proposition; will these updates cause the machine to hang on the upcoming reboot? Once past the reboot, it then was a matter of checking to see what was broken.

The reason for this was the few times that all seemed well, and then some untoward behavior was observed, and, after a few days to weeks had passed, it was much harder to pinpoint that the updates of Windows was the cause.

The only way to remove this problematic behavior is to totally disable the updates behavior – and wait for reports that nothing has been observed to cause problems during the update cycle.

The problem here is that frequently, a scare has been put in the populace by Microsoft’s own warnings. Classifying updates as critical, along with warnings of exploitations of the holes by the press, makes many users anxious to be rid of the possible attack scenarios.

This seems to have no change in the upcoming Windows 7 release, as Microsoft seems comfortable with the behavior, and not concerned about the anxiety that is caused by their upgrade methods.

§

•