Microsoft's stealth updates stymie XP repairs

The contentious stealth update that Microsoft delivered to customers this summer blocks 80 patches and fixes from installing after Windows XP is restored using its "repair" feature, researchers said Thursday.

Scott Dunn, who first reported the problem in a story posted Thursday morning to the "Windows Secrets" newsletter, said that users who reinstall Windows XP with the repair option cannot retrieve the full set of updates from Windows Update (WU). The problem, he said, has been traced to the so-called "stealth update" to WU which Microsoft has acknowledged sending to users beginning in July.

Two weeks ago, Dunn broke the story of the background updates, which were sent to most non-corporate Windows XP and Vista users. The updates were delivered and installed without prior notification, even when the PC's owner had told the operating system not to download or install updates without notification and permission.

The revelation launched a firestorm of protest from users, which in turn prompted Microsoft to defend the practice as well as say it would think about ways to clarify its update policies.

"Two weeks ago we said that the silent update was harmless," said Dunn Thursday. "But now we're saying it is a problem."

That problem affects any user who restores Windows XP using the setup CD's "repair" option, sometimes also called an "in-place reinstallation" because it reinstalls the operating system files without disturbing the applications and data already on the disk drive. Because repair is essentially a roll-back to XP's original state, the OS must be updated with all subsequent patches and hotfixes using WU. A system bought soon after Windows XP SP2 was released, for example, would need to download and install about three years' worth of updates.

After a repair, XP defaults to the "Automatic" setting for Automatic Updates, which means WU is immediately updated to version 7.0.600.381, the version pushed to PCs by the summer's undercover upgrade, said Dunn. Seven of the DLL (dynamic link library) files that make up 7.0.600.381, however, fail to register themselves with Windows. That, in turn, keeps XP from successfully installing approximately 80 of the most recent patches and fixes.

In a normal, non-repair situation, there's no indication of a glitch, since DLLs by the same name have previously been keyed into Windows' registry. "On a repaired copy of XP, however, no such registration has occurred, and failing to register the new DLLs costs Windows Update the ability to install any patches," he said

Dunn pointed out workarounds, which included installing an older version of WU over the top of 7.0.600.381. "Windows Secrets" has also posted instructions for creating a batch file that registers the seven DLLs.

While the registration failure and the unsuccessful patch installations aren't directly related to the fact that Microsoft didn't disclose the silent WU updates, Dunn sees it as part of a bigger, and disturbing, picture. "It's part of the whole problem with the silent update, and all part of the pattern of Microsoft's sloppiness," he said. "They're keeping us out of the loop. They're not working well with the IT community."