Microsoft considers making Windows software updates automatic via Internet by default

“Microsoft Corp. executives, digging out from the aftermath of an unwelcome Internet worm that wriggled into [at least] 500,000 of its customers’ computers last week, say that it is time to consider making software updates automatic for home users of the Windows operating system,” Brian Krebs reports for washingtonpost.com. “The company is ‘looking very seriously’ at requiring future versions of Windows to accept automatic software fixes unless the user specifically refuses to receive them, said Mike Nash, corporate vice president of Microsoft’s security business unit.”

“‘The feedback we got when we did XP a few years ago was ‘I don’t want Microsoft automatically putting things onto my machine,” Nash said. ‘What we’re finding now is that through a combination of the availability of broadband and customers wanting to stay up to date with security patches, and, most importantly, considering the kinds of threats out there now, that customers want us to keep them up to date automatically — not just by downloading the patches for them but installing them as well,” Krebs reports.

“The next version of Windows, which analysts expect to be completed in late 2004, could be the first to let the Auto Update feature download patches from Microsoft without requiring the user’s explicit approval. Microsoft is also considering whether to make the Auto Update mandatory earlier, through an interim upgrade known as a service pack. A final decision to make the feature mandatory for home users has not yet been made, but one Microsoft executive called it ‘the ideal solution.'”

Full article here.

19 Comments

  1. Cyber Terror Master Plan:

    Step 1) Create so many viruses that MS decides to autodownload updates.
    Step 2) Hack the MS website.
    Step 3) Send super-virus to every Wintel machine.
    Step 4) Watch mayhem ensue.

    Good times!

  2. this just spells security hole…

    i give it 3 weeks till someone ( or everyone ) figures out how to use this “feature” to load there malicious code and install it while you sit and think that your computer is being protected from some fake virus….

    stupid microsuck when will they learn.

  3. Does Apple have automatic SU turned on by default? Somehow I thought they did. (Me, I tend to turn off any automatically scheduled anything–‘net related or not!)

  4. Ouch! The way I read the statements, you wouldn’t be able to turn the feature off! You’d ALWAYS be in touch with MS about your system details!

    You could refuse a specific patch, but not the communication by which you are discovered to need the patch and receive the notice.

    People will never stand for that. Why “required?” Why without user approval? MS can’t possibly go through with this without at least making it totally optional.

    I’m sure people will make their own software to block the feature anyway.

  5. “Does Apple have automatic SU turned on by default?”

    Apple’s Software Update only notifies you that new updates are available. You choose whether to download and install them. It looks like Microsoft wants to make Windows automatically download *and* install new stuff.

  6. Hey, looks to me Microsoft is going bonkers. The scenario from rageous is perfect for a virus. It is no more a hole: it is a Main Entrance Gate open. Will be first time ever virii will upload themselves as PATCHES ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

    Next security fix for Windows will be:
    Step 1) disconnect PC from the net
    Step 2) shut down
    Step 3) hide under bed

  7. LOL: showed the article to a Windows user (maybe next switcher).
    His comment: “Now on Windows installation there will be a new requirement: requires broadband internet!”

    Incidentally this is a good thing. If M$ goes with the forced-down-your throat update it will mean lots of dissatisfied customers among professionals. Could you imagine during a presentation or a demo your PC going bezerk because it starts the upload/update process and you cannot stop it????
    I see lots of laughable shambles from using Windows then!

  8. Fun…

    if M$ put a door they can open to load “updates” and any hacker will find it and use it also.

    What happens if the Windoze version is obsolete (will M$ force to “upgrade”?) or not registered (remote Format C: in DOS parlance).

    Who would be happy to have M$ (or anybody else…) peek on your hard disk? I would not, no way, no discussion.

    It is about time to upgrade: buy a Mac!

  9. The issue isn’t automatic updates but the number of morons who don’t update when the updates are made available and worst still, those who DO update find that in 3 days time they’re told to uninstall the old update because it cases performance degridation.

    Typical Microsoft, “Update your machine immediately but don’t expect us to take responsibility if the patch is f*cked”.

  10. Mandatory, automatic software updates are a minefield for end users. On the one hand, I’m sure Microsoft would be thrilled to have a means to retroactively modify the capabilities of certain software, perhaps to make it conform to new copyright protection/digital rights management ‘standards’. (I think Microsoft already once squeezed new DRM terms/features into Windows Media Player in the guise of an upgrade, and of course Apple removed some capabilities of iTunes with the 4.0.1 release).

    On the other, even if hackers don’t manage to compromise Microsoft’s update mechanism, just one patch that hasn’t been properly tested could wipe out the Microsoft user base. There was a recent Microsoft-issued patch that disabled Internet connectivity for some users (making recovering from the patch rather tricky). Imagine a patch that caused a similar problem, automatically pushed to users all over the world. Ouch.

    In the most paranoid scenarios, automatic updates offer the potential to hold a country or an entire region hostage: the European Community would think twice about imposing fines on Microsoft, if Microsoft could disable every net-connected Windows machine in the EU with one ‘patch’.

  11. All I can say about this is:

    mmmm, boy…..Micro$not totally taking over the controls of your computer, bur also completely taking over your computing experience…..turning you into a mindless, lazy shadow of your former thinking self……all in the name of “security”, because the pc user cannot think for themselves or figure out when to do something…..so easy to control, so easy to manipulate…….

    I thought it was a Queen that was the head of the Borg……but, then again…….

    Oh, well. You get the life that you allow.

  12. ha hah ah ah. I can’t stop laughing, it’s all funny!

    I’d hate to have automatic updates on my computer. I think IT departments all over the world wouldn’t want to take part because M$ patches can @#&* up a computer without the proper testing as someone stated before.

    It sounds like M$ is at a dead-end. They can’t force users to update their systems because it sounds like M$ will then have too much control on user computers (as if they don’t now). And the road they are on now is already not working. Let’s just take a look at what has happened over the past year:

    Apple: ITMS, G5, updated Ipods, Panther….
    M$: Blaster, Slammer, and European Union problems….

    The tides are definitely turning my friends.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.