Feeds

Microsoft EULA asks for root rights – again

PC, heal thyself

  • alert
  • submit to reddit

Intelligent flash storage arrays

An addition to Microsoft's End User Licensing Agreement has alarmed Register readers.

Windows XP Service Pack 1 and Windows 2000 Service Pack 3 contain a new condition which asks you to allow Windows to go and install future updates.

"You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer," is the new bit you'll be interested in.

Consent-based push, then. And pretty similar to what you already get in Windows Update, for sure. But what's it doing in the installation sequence?

"I don't agree to let Microsoft 'automatically' (for which, read 'at Microsoft's discretion, and without my knowledge or consent'), install 'updates or fixes' (for which, read 'digital rights management facilties') so I hit 'I don't agree' and cancelled out," writes Joel Hanes from Santa Clara, CA.

We think that the word "may" absolves Microsoft of the consent argument, but this isn't exactly clear.

And as he points out, this could be back door for future DRM technologies. Such a clause was smuggled into a security patch in June.

On the other hand, users already consent to similar conditions whenever they use the Windows Update facility - and few complain.

The change needn't apply to corporate users. Microsoft recently introduced Software Update Services, which allows managed upgrades across the Intranet to users with Active Directory. (So you don't have thousands of desktops hitting Microsoft servers at once).

We've asked Microsoft if this was a legal or a technical decision, and what was behind the decision to make installation of the service packs conditional on this clause. We await their reply.

Related Stories

MS security patch EULA gives Billg admin privileges on your box
Anti-EULA script removes offending text

Remote control for virtualized desktops

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
First in line to order a Nexus 6? AT&T has a BRICK for you
Black Screen of Death plagues early Google-mobe batch
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.