Readers state concerns over Windows Update

Virginia culler By Virginia Culler

The Sept. 13 issue of Windows Secrets reported that Windows Update sometimes installs files without notice, even ifauto-install has supposedly been disabled.

Many readers are dismayed to learn that their control over their computers is compromised and are asking how they can prevent this in the future.

Stability issues raised in update’s wake

The Sept. 13 issue of Windows Secrets revealed that Windows Update has been installing some files silently, despite the fact that users have selected a “do not install” option in the Automatic Updates control panel. Many readers wondered why their firewalls did not bar Microsoft’s activity. The answer is that the Windows Update Agent initiated the contact to Microsoft’s servers. The resulting file download, therefore, appeared to be an expected response.

Other readers asked if they could &#8212 or should &#8212 configure their firewalls to reject Microsoft downloads. A reader named Scott W. writes:

  • “Would you be able to publish a list of DNS names and IP addresses that Microsoft uses for Windows Update? I want to block the IP addresses in my router firewall, and I want to disable the DNS names (just in case they change the IP addresses of Windows Update) in my DNS server.”
While it’s possible to block all Microsoft IPs, it’s not an action anyone here would recommend as appropriate for readers.

First, there would always be new IP servers that would need to be added to the blockade. An extensive list of entries recently provided in the KezNews forum can give you an idea of how long your table might become &#8212 unless you want to use wildcards to block anything originating from the Microsoft domain.

Second, the burden would fall squarely on the end user to determine what needed to be blocked and what didn’t. This is far too labor-intensive a solution for most companies, and it may cause unforeseen problems.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2007-09-20: