[Infowarrior] - Windows XP repair disk kills automatic updates

Sat Sep 29 14:42:34 UTC 2007

Windows XP repair disk kills automatic updates
Critics speak out of both sides of mouths
By Dan Goodin in San Francisco → More by this author
Published Saturday 29th September 2007 00:04 GMT

http://www.theregister.co.uk/2007/09/29/windows_update_flap/

Comment A commonly used method for repairing Windows computers can disable
the automatic installation of Microsoft updates, or patches, it was revealed
this week.

The company is getting a kicking from critics for this - the same people who
slammed the company two weeks ago when Microsoft forced a Windows patch on
users who had turned off automatic updates.

They have a point, but their latest tirades also show them speaking out of
both sides of their mouths.

Two weeks ago, they rightfully said how misguided it was when, in July,
Microsoft issued a patch that automatically installed itself even when
Windows users specifically opted out of automatic updates. The issue boiled
down to control, and since the PC belonged to the end user, it was the end
user who should ultimately decide what software runs on it.

Beyond that bedrock principle, many IT administrators also said that forcing
installs without a company's consent or knowledge could jeopardize
compliance requirements since as they could no longer affirm they were in
complete control of machines storing patient records and other sensitive
types of data.
Hatch, patch, match, dispatch

Microsoft eventually explained that the forced update concerned Windows
Update itself, and as such, was installed on machines that were configured
to keep track of new patches, even if the user had opted not to have them
automatically applied. Failure to patch Windows Update would prevent it from
working reliably, Microsoft said.

Redmond also admitted it could have been more transparent, meaning it should
have explicitly explained that unless a user completely shuts down Windows
Update (and not for instance sets it to download updates and install them
later) certain files related to Windows Update will automatically change
from time to time.

That seemed like the end of the debate, but it wasn't.

The latest friction came after a post here by Scott Dunn and a piece here by
Adrian Kingsley-Hughes pointed out that users who used the repair option
from a Windows XP CD-ROM were no longer able to install Windows updates,
putting them at considerable risk for Worms and other types of malware.

It turns out the repair disk - which is often used to roll back a corrupted
version of Windows an earlier, undamaged state - unregisters some of the
files that were installed in the Windows Update update, and in doing so,
prevents Windows Update from working at all.

This, they suggested, was proof positive that the forced update from July,
which by dint of its version number was branded 7.0.600.381, was nefarious
after all.

"Now that we know that version .381 prevents a repaired instance of XP from
getting critical patches, 'harmless' no longer describes the situation,"
Dunn writes. "The crippling of Windows Update illustrates why many computer
professionals demand to review updates for software conflicts before widely
installing upgrades."

Rather than raise red herrings about stealth updates, we should recognize
the true fault here, which is that repair disks break Windows Update,
something that should never, ever happen.
Latest fix

In a blog post here, Microsoft's Nate Clinton says the company has issued a
KB article to restore Windows Update after it becomes disabled.

Now that Microsoft has recognized the problem and issued a fix, it needs to
redouble its efforts to make sure Windows Update never again disabled.

But it's inconsistent for critics to take Microsoft to task for pushing an
update that was necessary for the continued smooth running of Windows Update
and then gripe when the update gets undone by a repair disk. Microsoft's
lack of transparency - although a problem - wasn't at issue here so much as
a needed change in Windows Update that could be undone by an officially
sanctioned utility that many Windows admins rely on.

As the linchpin for a securely running machine, Windows Update will
inevitably have to be updated from time to time. Here's hoping Microsoft
provides better notice in the future - and that users heed common sense when
told to install it. ®