Using exploit tactics more in line with adware and spyware companies, Microsoft has updated the XP and Vista update engines of users without explicit or implied permission. Update 7.0.6000.381 bypassed the notification and permission dialog box.

The backdoor update was also reported in eWEEK and eWEEK labs confirmed the action as did ZDnet. Microsoft has not explained its intentions but a forum found that said updates would not work any longer unless 7.0.6000.381 was installed.

This is the second known time that Microsoft slipped in updates without permission. The first was when Windows Genuine Advantage (WGA) was installed without user’s consent or knowledge. WGA was part of Microsoft’s anti-piracy program. Read more »