The Automatic 'Automatic Updates' Update

I've always been one to put a leash on Automatic Updates. Sure, you can download the patches to my machine, but please notify me before they get installed. I always look through the knowledgebase articles before installing anything. Inevitably, I accept everything the agent offers me, but I still want that control over what goes onto my system. When Microsoft Watch's Joe Wilcox asked for the eWeek Labs to confirm whether Automatic Updates was doing unauthorized updates of itself, of course I was intrigued. I wouldn't put it past Microsoft to do it, but without notifying the user or asking permission? Seemed an unwise practice to get into.

I've always been one to put a leash on Automatic Updates. Sure, you can download the patches to my machine, but please notify me before they get installed. I always look through the knowledgebase articles before installing anything. Inevitably, I accept everything the agent offers me, but I still want that control over what goes onto my system.

When Microsoft Watch's Joe Wilcox asked for the eWEEK Labs to confirm whether Automatic Updates was doing unauthorized updates of itself, of course I was intrigued. I wouldn't put it past Microsoft to do it, but without notifying the user or asking permission? Seemed an unwise practice to get into.

Combing through the Event Viewer logs on several computers I maintain, I discovered two different machines - both running Windows XP with Service Pack 2 - that indeed exhibited the signs of an update. On the afternoon of Aug. 23, both machines engaged Automatic Updates,

autoupdate1.JPG

which then updated itself

autoupdate2.JPG.

And indeed, on that day, Automatic Updates revved from version 7.0.6000.374 to 7.0.6000.381.

autoupdate3.JPG

One of the machines I use regularly, and while I could not remember approving an update, I was pretty sure I had not approved the installation. The second machine, on the other hand, I hadn't touched in months. In fact, after giving the logs a good once over, I realized that the second machine had downloaded the August Patch Tuesday assortment as regularly scheduled. But I did not install those patches at that time (seeing as how I wasn't using the system). So when Automatic Updates updated itself on the Aug. 23, it did so without installing the patches awaiting my action.

The left hand was obeying my wishes (to wait), while the right hand openly disregarded them.

In an article about this topic on Windows Secrets, I found this little nugget - apparently from Microsoft Partner Support to a Windows Secrets contributor: "7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]."

I can attest to some of this statement. Some of my other Windows XP clients that were configured via Group policy to download their patches from our local WSUS server (instead of directly from Microsoft's servers) did not receive this little update. They still have version 7.0.6000.374.

However, the statement that 7.0.6000.381 is a consumer-only release is misleading. Today, I was building a Windows Server 2003 Enterprise-based machine for some upcoming tests. When I updated the server using Windows Update, the Automatic Update client was updated to 7.0.6000.381 as well.

But at least in this case, I got to approve the update before it decided to land on my machine. I guess Microsoft considers anyone who uses their patch repositories to be a consumer.