Microsoft’s OneCare Security Tool Alters Windows Automatic Update Settings

There are claims from certain quarters that the OneCare package of Microsoft has been allowing secret downloads and unlawful updates.

On October 25, 2007, a researcher said that the consumer security application of Microsoft Corp. modifies the settings in Automatic Updates of Windows Vista and XP without informing users or acquiring their consent. He found this behavior more akin to recent developments of patch installation and rebooting of systems without approval.

Microsoft, however, responded by denying any hidden changes during the past week. It asserted that Automatic Update settings were never changed without the user's permission and refused to accept that OneCare was in any way responsible.

Scott Dunn, Editor of newsletter 'Windows Secrets', reported on October 25, 2007 that OneCare quietly alters the AU configuration during its installation process. PCWorld reported this in the fourth week of October 2007. Irrespective of the AU settings already on the user's computer when OneCare installs, it silently alters that setting and makes it fully automatic.

A feature of Automatic Updates enables it to stop patches from installing on its own on a Windows system. Users typically choose this option when they want to test the compatibility of patches before loading them.

While several sources initially called it a Windows Update problem, Windows Secrets' editors discovered that the case was related to something else. A number of bloggers in early October held the opinion that Windows Update altered its own configuration, loaded patches without the approval of the user, and restarted the system. But the Windows Secrets editors reported that Windows Update was not responsible for these problems. According to them, it was the OneCare security package of Microsoft that made the alterations. Users could neither notice as the settings changed nor was it possible to prevent the OneCare installation.

Earlier in October 2007, when users reported they found unauthorized downloads on their systems as a result of the monthly batch of security updates, Microsoft said in its blog that the monthly security update had not modified the setting but that the change could be due to users having their automatic update enabled before the download.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 11/16/2007