Windows Update attack

["Richard M. Smith" <rms () computerbytesman com>]

http://www.theregister.com/2007/10/25/windows_update_snafu/

Resource-hogging search app sprung on reluctant admins

By Dan
<http://forms.theregister.co.uk/mail_author/?story_url=/2007/10/25/windows_u
pdate_snafu/> Goodin
Published Thursday 25th October 2007 01:04 GMT
 
Something seems to have gone horribly wrong in an untold number of IT
departments on Wednesday after Microsoft installed a resource-hogging search
application on machines company-wide, even though administrators had
configured systems not to use the program.

"The admins at my place were in a flap this morning because Windows Desktop
Search 3.01 had suddenly started installing itself on desktops throughout
the company," a Reg reader by the name of Rob informs us. "The trouble is
that once installed, the indexer kicks in and slows the machines down."

The blogosphere is buzzing with similar reports, as evidenced by postings
here <http://sadjadbp.spaces.live.com/blog/cns!21F12BB61B822DFA!263.entry> ,
here <http://dblume.livejournal.com/78836.html>  and here
<http://www.davidarno.org/2007/10/24/microsoft-update-strikes-again/> .

"I'm slighly pissed of [sic] at M$ right now," an admin in charge of 3,000
PCs wrote in a comment to the first aforementioned link. "All the clients
have slowed to a crawl, and the file servers are having problems with the
load."

A Microsoft spokeswoman said she was looking in to the reports.

According to Reg tipster Rob, Window
<http://technet.microsoft.com/en-us/wsus/default.aspx> Server Update
Services forced Windows Desktop Services 3.01 on the fleet of machines even
though admins had configured their system to install updates only for
existing programs and the search program wasn't installed on any machines
(well, until then, anyway).

It's been a rough several weeks for managers running Microsoft's auto update
services. Last month, bloggers disclosed the existence of a Windows patch
that silently
<http://www.theregister.com/2007/09/14/microsoft_dispels_stealth_update_rumo
rs/> and automatically installed itself even on Machines configured not to
install updates. Critics cried foul on the principle that users should have
absolute control over their machines. They also argued that the stealth
update could hamper compliance requirements.

Microsoft said the patch was installed on machines only to make sure Windows
Update worked properly in the future. Managers promised to be more
transparent in the future.

The revelation that Microsoft is pushing yet more installations not
explicitly agreed to by administrators is not likely to sit well with this
same vocal contingent. Redmond may want to don the asbestos suits now. R

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.