IT Blogwatch

A Daily Digest of IT Blogs from Richi Jennings

More Windows Update woes (and Halo 3 hack)

ERROR. Failed to update Thursday's IT Blogwatch: in which more Windows Update problems appear, causing an in-place repair to be stuck in a timewarp. Not to mention MIT's Halo 3 prank at Harvard...

Gregg Keizer reports:

The contentious stealth update that Microsoft delivered to customers this summer blocks 80 patches and fixes from installing after Windows XP is restored using its "repair" feature, researchers said today. Scott Dunn, who first reported the problem in a story posted Thursday morning to the "Windows Secrets" newsletter, said that users who reinstall Windows XP with the repair option cannot retrieve the full set of updates from Windows Update (WU). The problem, he said, has been traced to the so-called "stealth update" to WU which Microsoft has acknowledged sending to users beginning in July.
...
[It] affects any user who restores Windows XP using the setup CD's "repair" option, sometimes also called an "in-place reinstallation" because it reinstalls the operating system files without disturbing the applications and data already on the disk drive. Because repair is essentially a roll-back to XP's original state, the OS must be updated with all subsequent patches and hotfixes using WU ... After a repair, XP defaults to the "Automatic" setting for Automatic Updates, which means WU is immediately updated to version 7.0.600.381, the version pushed to PCs by the summer's undercover upgrade, said Dunn. Seven of the DLLs ... however, fail to register themselves with Windows. That, in turn, keeps XP from successfully installing approximately 80 of the most recent patches and fixes.
...
While the registration failure and the unsuccessful patch installations aren't directly related to the fact that Microsoft didn't disclose the silent WU updates, Dunn sees it as part of a bigger, and disturbing, picture ... If anyone needed proof that stealth updates are a bad idea, Microsoft's defense of the practice notwithstanding, this is it, said Dunn. [more]

Here's Scott Dunn (for it is he):

A silent update that Microsoft deployed widely in July and August is preventing the "repair" feature of Windows XP from completing successfully ... I was able to reproduce and confirm the problem on a test machine. When WU tries to download the most recent patches to a "repaired" XP machine, Microsoft's Web site simply states: "A problem on your computer is preventing the updates from being downloaded or installed." ... the problem will affect many administrators who must repair Windows ... isolating the cause of the failed updates is not a simple matter.
...
It is [now] not possible for Windows users to install updates without first receiving the 7.0.6000.381 version of nine Windows Update support files ... Consequently, users are forced to get the silent update before they can attempt to install Microsoft's latest security patches ... The problem apparently arises because seven of the DLLs (dynamic link library files) used by WU fail to be registered with Windows ... Registering DLL files is normally the role of an installer program. Unlike previous upgrades to WU, however, Microsoft has published no link to an installer or a downloadable version of 7.0.6000.381. Strangely, there's no Knowledge Base article at all explaining the new version. The lack of a KB article (and the links that usually appear therein) makes it impossible for admins to run an installer to see if it would correct the registration problem.
...
In my articles in the last two weeks on the silent installation of the Windows Update support files, I stated that the stealthy upgrade seemed harmless. Now that we know that version .381 prevents a repaired instance of XP from getting critical patches, "harmless" no longer describes the situation. The crippling of Windows Update illustrates why many computer professionals demand to review updates for software conflicts before widely installing upgrades.
...
If you find that Windows Update refuses to install most patches, you can register its missing DLLs yourself. This can be accomplished by manually entering seven commands. [more]

Todd Bishop sums it up:

Fixes made by Microsoft to installed copies of Windows without the user's knowledge or permission ... at first seemed alarming but harmless. A story set to appear Thursday in Windows Secrets newsletter says that's not so.
...
Nate Clinton, Microsoft's program manager for the Windows Update program, couldn't be reached for comment. [more]

Here's Robert X. Cringely (no, not that one, the other one):

Microsoft's argument for the stealth upgrade is a textbook example of pretzel logic. If Windows Update didn't automatically update itself, then the app might break and you might never be able to receive any future updates. Of course, if Update was broken it couldn't update itself. And if it weren't broken, there'd be no reason not to tell users. Even that lame reasoning doesn't explain why information about the update is virtually impossible to find – not on screen and not in the Microsoft Knowledgebase.

(Pure speculation: I suspect there's more to this story than Microsoft is telling. Perhaps they are finally addressing vulnerabilities in Update that allow it to be hijacked by malware, and they wanted to keep this a secret from the bad guys for as long as they could. Or maybe they're just being d**ks.)
...
There's a distinct aroma of dead mackerel to the whole story. [more]

Adrian Kingsley-Hughes doctors it up:

I've been neck deep looking into this problem for the last day or so ... [it] turns out to be a real issue! ... Remember too how the apologists claimed that there was nothing wrong with how Microsoft had behaved because there was no harm done? Well, it turns out that this update isn’t as benign as we first thought and can indeed cause problems for Windows XP users if they try to repair their installation.

I've dragged Microsoft over the coals for this before and the main response from Microsoft apologists was "well, what's the fuss, it didn't do any harm." Well, it does do harm. This is exactly why we can't have undocumented fixes being sent to PCs, especially when they are being installed on systems where consent for updates hasn't been given. I'm now looking at Microsoft to release clear information about this and all previous stealth updates and to change the way it operates and be far more transparent with regards to updates. Problems like this XP repair issue are made much more difficult to troubleshoot when you're dealing with unknown updates.
...
We approached this issue in much the same way that we approached the initial claims of a stealth update - with a healthy level of skepticism ... [but] we were shocked to find that we couldn’t update the systems. Windows Update informed us that it needed to update itself, and once that was done allowed us to continue as far as downloading the updates, but, and here’s the but, when it came to installing them, all 80 updates slated for installation failed with no indication as to why and with no offer of a remedy to the problem. Trying to re-download the updates meets the same conclusion ... Windows Update is totally broken. [more]

Steven Parker comments:

Looks like this one isn't going away anytime soon; yet another Microsoft watcher has claimed that "Stealth" updates actually do more harm than good. [more]


And finally... Halo 3 MIT-style hack

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 20-year, cross-functional IT veteran, he is also an analyst at Ferris Research. You too can pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.
