Feeds

Microsoft EULA asks for root rights – again

PC, heal thyself

  • alert
  • submit to reddit

The next step in data security

An addition to Microsoft's End User Licensing Agreement has alarmed Register readers.

Windows XP Service Pack 1 and Windows 2000 Service Pack 3 contain a new condition which asks you to allow Windows to go and install future updates.

"You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer," is the new bit you'll be interested in.

Consent-based push, then. And pretty similar to what you already get in Windows Update, for sure. But what's it doing in the installation sequence?

"I don't agree to let Microsoft 'automatically' (for which, read 'at Microsoft's discretion, and without my knowledge or consent'), install 'updates or fixes' (for which, read 'digital rights management facilties') so I hit 'I don't agree' and cancelled out," writes Joel Hanes from Santa Clara, CA.

We think that the word "may" absolves Microsoft of the consent argument, but this isn't exactly clear.

And as he points out, this could be back door for future DRM technologies. Such a clause was smuggled into a security patch in June.

On the other hand, users already consent to similar conditions whenever they use the Windows Update facility - and few complain.

The change needn't apply to corporate users. Microsoft recently introduced Software Update Services, which allows managed upgrades across the Intranet to users with Active Directory. (So you don't have thousands of desktops hitting Microsoft servers at once).

We've asked Microsoft if this was a legal or a technical decision, and what was behind the decision to make installation of the service packs conditional on this clause. We await their reply.

Related Stories

MS security patch EULA gives Billg admin privileges on your box
Anti-EULA script removes offending text

Security for virtualized datacentres

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.