XP Stealth Update Worse Than Believed

by , 1:20 PM EDT, September 27th, 2007

In early September, Microsoft uploaded stealth updates to XP and Vista, even though users had the Auto-update option turned off. Now it's been found that the update had more serious consequences than first thought, and users of XP's repair function have been unable to install the latest 80 patches, according to Windows Secrets on Thursday.

"The trouble occurs when users reinstall XP's system files using the repair capability found on genuine XP CD-ROMs.... The repair option, which is typically employed when XP for some reason becomes unbootable, rolls many aspects of XP back to a pristine state. It wipes out many updates and patches and sets Internet Explorer back to the version that originally shipped with the operating system.

"Normally, users who repair XP can easily download and install the latest patches, using the Automatic Updates control panel or navigating directly to Microsoft's Windows Update site.

"However, after using the repair option from an XP CD-ROM, Windows Update now downloads and installs the new 7.0.600.381 executable files. Some WU [Windows Update] executables aren't registered with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft's 80 latest patches from installing � even if the patches successfully downloaded to the PC," Scott Dunn reported.

The technical details of how to recover followed.

"In my articles in the last two weeks on the silent installation of the Windows Update support files, I stated that the stealthy upgrade seemed harmless. Now that we know that version .381 prevents a repaired instance of XP from getting critical patches, 'harmless' no longer describes the situation. The crippling of Windows Update illustrates why many computer professionals demand to review updates for software conflicts before widely installing upgrades," Mr. Dunn warned.