Date: Sun, 23 Jan 2000 15:53:23 -0600 (CST) From: Gene Harris <zeus@tetronsoftware.com> To: "Dan Seafeldt, AZ.COM System Administrator" <yankee@az.com> Cc: security@FreeBSD.ORG Subject: Re: Microsoft Windows Update Message-ID: <Pine.BSF.4.10.10001231540360.15130-100000@tetron02.tetronsoftware.com> In-Reply-To: <Pine.BSF.3.91.1000122004435.7170E-100000@gate.az.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The automatic update notification is a service runs in the background and polls the web site. There is no "invasion" of privacy. You can also schedule this software to execute with task manager or with the "at" command under NT. I am not sure what point you were trying to make, but some of your facts are not correct. You can look for the registry key HK_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run/CriticalUpdate and remove the key or disable it by making a minor name change in the path. The program is called wucrtupd.exe and can be run from the command line. The program polls the web site with a simple query, then starts the web browser and connects to the web site, if you answer "yes", instead of "remind me later". If you select yes, the program downloads an updated software catalog. You get to select from the diff list on the web page and update any software that you desire. I prefer to execute the program with the task manager at 2am, that way it checks once a day. *==============================================* *Gene Harris http://www.tetronsoftware.com* *FreeBSD Novice * *All ORBS.org SMTP connections are denied! * *==============================================* On Sat, 22 Jan 2000, Dan Seafeldt, AZ.COM System Administrator wrote: > > http://windowsupdate.microsoft.com > > This website has delivered automatically several fixes to the OS involving > Dos and even more importantly data break-in in the past few months. It is > distressing to continually get notified of new fixes involving invasion of > privacy or possible loss of confidential business data. These fixes > usually involve html or JAVA related involving IE but some OS fixes have > been posted as well. Although if FreeBSD implemented something similar to > this, it might be nice to consider when public notification of the nature > of the problem before, during or after a particular fix was automatically > disseminated would be appropriate. From what I can tell the automatic part > of Windows Update is an opt-in deal, it does not enable unless you answer > a question the first time you go to that website, if you answer yes, it > becomes a permanent thing running in the background. The Windows update > website does not seem to consider the timing of the posting of security > breach details or descriptions. > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10001231540360.15130-100000>