Know your upgrades

Know your upgrades

For the past two weeks, I’ve written about the fact that Microsoft a few months ago quietly changed Windows Update. It now uploads the Product ID number of your Windows installation and a list of your installed hardware (see “Windows file update,” Mar. 24, page 22).

On its face, this isn’t so much a horrible change as it is an omen of Microsoft’s direction. Reader Walt Kwait sent me the next update message we’re likely to see: “Click Yes, or No, or Cancel, or press Escape, or End Task, or just power off your PC to update your machine with any changes Microsoft wants to send you or take from you. Your birth alone was implied consent to Microsoft Corporation, allowing this to happen.”

Other readers saw a silver lining in the change. “I’m more than happy to see Microsoft grab more and more information on the sly,” Alexander LeDonne writes. “Every time they do, there’s another spate of managers with Dept. of Defense, Health Insurance Portability and Accountability Act (HIPAA), or EU privacy compliance questions who decide that the Microsoft proposition will only get worse, and that an open-source solution is the way to go.”

Some observers criticized the comment of the Microsoft spokesman I quoted, who said that Windows Update is completely voluntary and that users aren’t required to run it. “I can just imagine trying to get support from them if you do not have the latest patches installed,” David Rahn says. “The first thing they usually say is, if you’re not running the latest patches, get there and then we’ll talk. Getting patches may be voluntary, but needing them certainly is not.”

Other readers, however, have found they can’t trust Windows Update and have turned to other sources. “Microsoft’s downloaded driver update suggestions are completely unreliable — when I first began using WU, I made the mistake of accepting a Microsoft-suggested driver update for Windows 2000 Pro and managed to wipe out my sound system capabilities,” Charles Ward says. “Fortunately, I was able to recover by deleting the sound components in Control Panel and letting Windows re-install them by Plug and Play. Now I know not to touch any Microsoft driver suggestion and instead to use the PC manufacturer’s suggestions from its Web site instead.”

Aside from hardware driver updates, the lack of Windows Update support even for some critical software fixes reduces its usefulness. “One of the biggest disappointments to me is that Windows Update, when run on a Windows 2000 Server, does not check for current IIS [Internet Information Server] patches and other server-related patches,” Paul Erickson notes. “I’m required to separately download and install the Microsoft Baseline Security Analyzer in order to more completely check the server for vulnerabilities.”

For the enterprise, Microsoft’s new version of SUS (Software Update Services) is a promising way to keep PCs patched. I wrote about SUS 1.0 last year (see “Services with a smile,” Oct. 21, page 18). We’ll take a new look next week.