Something suss about Microsoft’s WSUS?

Alex Zaharov-Reutt
Sunday, 28 October 2007 21:40

Opinion and Analysis

An update to Microsoft’s Windows Desktop Search tool was accidentally rolled out to desktops and servers around the world on computer networks using Microsoft’s WSUS update tool, even though many had blocked the update, infuriating system admins worldwide.
An update to Microsoft’s Windows Desktop Search tool for Windows XP SP2 and Windows Server 2003 SP1+ systems that was actually a new version of the tool installed itself automatically, without authorization, on corporate computer systems worldwide last week.

Furious system admins worldwide have spoken on blogs and forums of finding the update inexplicably installed on users computers, causing massive slowdowns as the Windows Desktop Search tool began slowly indexing users computers, with the initial relatively intensive indexing process causing most of the problems caught by surprise by the update.

At first, a Microsoft employee, Bobbie Harder, the Program Manager of the WSUS software tried explaining in a difficult to understand blog entry that Microsoft and the WSUS software wasn’t really at fault.

However, the story soon changed when Bobbie Harder wrote a new blog posting saying , in part, that: “Unfortunately, in revising this update, the decision to re-use the same update package had unintended consequences to our WSUS customers”.

Harder continued that: “Namely many of you who had approved the initial update package for a limited number of machines, had Tuesdays' WDS revision 105 automatically install on all clients because of the expanded applicability scope and because by default, WSUS is set to automatically approve update revisions”.

Harder then apologized, saying that: “We sincerely regret the inconvenience this has caused and extend a sincere apology to all impacted customers”.

While Harder’s second blog post (linked above) does have instructions on removing the update, some users have reported that the update also removes the ‘Quick Launch’ toolbar, meaning Microsoft will most likely have to come up with yet another update that doesn’t have any unwanted side effects.

Some system admins have question how the situation could have arisen, and have asked questions about the possibility of hackers somehow infiltrating the WSUS update mechanism on Microsoft’s end, potentially allowing hackers to mass install updates on computers around the world through the ultimate backdoor of Microsoft itself.

Others have said their trust in the WSUS service has been eroded, causing some admins to turn off the feature that allows updates to previously allowed updates to be installed automatically, a feature which has been implicated to have been the cause of the accidental mass software installation at the hands of Microsoft.

Other admins have wondered aloud who will pay for the cleanup costs, with some saying it should be Microsoft, although that, at least for now, seems unlikely. Either way, Microsoft have made quite a mistake in pushing software out to users without their explicit permission, and for some users, seemingly despite their denial of authorization for the update to occur at all.

Microsoft’s apology is certainly a first step in the right direction, but apologies are no guarantee it will never happen again.

System admins will no doubt start taking a much closer look at how patches and updates are rolled out across an organization, with some inevitably choosing to tighten down procedures further, now not only to protect themselves from hackers through the application of the latest updates, but to protect themselves from more potential Microsoft mistakes.

Talk of this episode helping the Linux and Mac platforms has already occurred on blogs and forums, and despite plenty of detractors, Microsoft has also had some loyal users defend the company and the now admitted error.

It will hardly be the end of Windows on the server or the desktop, but one thing’s for sure: Microsoft must redouble its efforts to ensure such a breach of trust does not happen again, through better testing and Q&A before release to the general public, or next time, the damage could be far worse, both to users and Microsoft itself.

The continuation of Microsoft’s dominance of the OS market depends on it!