Langa Letter: Microsoft's Controversial New EULA Terms
Fred Langa looks at the new language in Microsoft's End User License Agreement, and shows how you can protect yourself against unwanted software updates.
A "EULA" is an "End User License Agreement," usually in the form of legal text you're shown at the start of the installation of new software. Many users blow past such text without reading it; but whether you read it or not, by continuing with the software installation, you're agreeing to whatever terms and conditions are spelled out in the EULA.
Recently, Microsoft changed its EULA. The new EULA first appeared in an update to Windows Media Player, but then also showed up in Service Pack 3 for Windows 2000 and in Microsoft's online "Product Use Rights" document, which you can read at http://www.microsoft.com/licensing/resources. By all appearances, Microsoft is making the new language part of its standard licensing for all its software.
- How Attackers Identify and Exploit Software and Network Vulnerabilities
- Quick Tips for Managing Mobile Users
White PapersMore >>
- Strategy: 3 Steps to a Hands-Free Cloud
- Best Practices: Using Apple's Global Proxy to Boost Mobile Security
The release of the new EULA was done very quietly and without fanfare until it was picked up and publicized by "The Register," a wildly erratic British tech site that alternates between providing hard-core, cutting-edge info, and embarrassingly shallow rants.
The Register's initial take on the EULA was, alas, in the latter category: a very poorly done article called "MS security patch EULA gives Billg [Bill Gates] admin privileges on your box." The article led many people to think that Microsoft was granting itself unlimited license to snoop inside your PC and kill off software it might not like. For example, here's just one of many, many similar reader E-mails I got on the subject:
Dear Fred: New Windows Media Player patches may automatically disable other software on your computer that MS deems unacceptable. It's bye-bye to WMP for me! I don't want MS computer sabotage.
When Microsoft used the same new EULA terms inside Service Pack 3 for Windows 2000, The Register responded with a better but still inflammatory article called "Microsoft EULA asks for root rights--again." ( http://www.theregister.co.uk/content/4/26517.html ) Many other tech sites followed suit with similar articles, and a new flood of reader E-mail poured in. For example:
Hello, Fred. I noticed the availability of SP3 for Windows 2000 some days ago on Windows Update, and went to the MS Website to download and install it, but afterward I saw this article on The Register about a part of its EULA where it mentions that Windows could check component versions and automatically download updates, and associates it with Windows possibly downloading Digital Rights Management or other software without the user's knowledge.
Look At The Actual Text
I certainly can understand these concerns: Microsoft's own past actions have fostered deep distrust about the software giant's actions and intents. But rather than leaping to conclusions based on fear, hysteria, and yellow-tinted journalism, let's look at the actual text in question, which I lifted verbatim from the Windows 2000 SP3 EULA:
If you choose to utilize the update features within the OS Product or OS Components, it is necessary to use certain computer system, hardware, and software information to implement the features. By using these features, you explicitly authorize Microsoft or its designated agent to access and utilize the necessary information for updating purposes. Microsoft may use this information solely to improve our products or to provide customized services or technologies to you. Microsoft may disclose this information to others, but not in a form that personally identifies you.
The OS Product or OS Components contain components that enable and facilitate the use of certain Internet-based services. You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer.