The newsletter editor who uncovered a series of covert downloads in Windows is
now claiming that Microsoft's OneCare package is responsible for further
unauthorised updates.
Scott Dunn, who publishes the Windows Secrets newsletter, said that the
Microsoft security service changes the settings on the Automatic Updates
component without warning.
Automatic Updates has an option to prevent patches from automatically
installing on a system. This option is typically chosen by users who wish to
test patches for compatibility issues before installing.
The problem, said Dunn, occurs on installation. OneCare changes the settings
within Automatic Updates to accept and download Microsoft updates without
warning, he reported.
Users had reported unauthorised downloads earlier this month following the
monthly security update. At that time, Microsoft said in a company blog that
nothing in the monthly update had changed the setting, and that all the users
filing the report had the automatic update feature enabled prior to the
download.
Dunn suggests that this may be because the settings had been changed when
OneCare was installed.
"Users could have installed OneCare — even a free trial version — at any time
in the recent past and been unaware of any changes until Automatic Updates
forced a reboot in the wee hours," he wrote.
Dunn noted that on the OneCare Frequently Asked Questions page, Microsoft
admits to the condition.
"Windows Live OneCare makes sure that Automatic Updates is turned on to the
recommended [automatic] setting," reads the page.
A Microsoft spokesperson told vnunet.com that the company would address the
report in an upcoming blog posting.