View Full Version : Microsoft kills Sony rootkit


Arachnotron
19th December 2005, 14:43
Maybe this is old news to some of you, but the MS05-054 security update (http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx) also includes setting the kill-bit for Sony's First4Internet activeX control. Apparently, this was done at the request of Sony itself.
This cumulative security update sets the kill bit for the First4Internet XCP uninstallation ActiveX control. For more information about this ActiveX control, visit the SONY BMG Web site. Older versions of this control have been found to contain a security vulnerability. To help protect customers who have this control installed, this update prevents older versions of this control from running in Internet Explorer. It does this by setting the kill bit for the older versions of this control that are no longer supported. This kill-bit is being set with the permission of the owner of the ActiveX control.

My first reaction to this was: :devil:

My second one is mixed: Sony tries to hide something on my system, and when it fails, Microsoft hides something in a batch of totally unrelated but critical patches that kills it off again. They do document it, but not exactly in a place where the casual user would find it. You would certainly not notice this when you only use the live update function.

I'm not sure if I like the idea of Microsoft disabling software on my system as part of a general security patch. It also illustrates how far Microsoft's control over the software on my system has gone through the live-update mechanism.

Note also that only the older versions are disabled.
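The kill-bit mechanism the bulletin describes is a per-CLSID registry flag that Internet Explorer consults before instantiating a control. The following PowerShell script is an added example, not part of the thread or of Microsoft's update; it audits whether a given CLSID is kill-bitted and lists every kill-bitted control on the machine. The CLSID used in the call is a placeholder, since the First4Internet control's CLSID is not given in the post.

```powershell
# Added example (not from the thread): audit the IE ActiveX kill bit for a CLSID.
# IE stores the kill bit as bit 0x400 of the "Compatibility Flags" DWORD under
# HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}.
# The CLSID passed at the bottom is a PLACEHOLDER; substitute the control's real CLSID.

$KillBit   = 0x400
$CompatKey = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    $path = Join-Path $CompatKey $Clsid
    # No compatibility entry at all means the control is not kill-bitted.
    if (-not (Test-Path $path)) { return $false }
    $flags = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $flags) { return $false }
    return (($flags -band $KillBit) -ne 0)
}

function Get-KillBittedControls {
    # Enumerate every CLSID with the kill bit set and resolve the control's
    # friendly name from HKCR\CLSID when it is actually registered locally.
    Get-ChildItem $CompatKey | ForEach-Object {
        $clsid = $_.PSChildName
        if (Test-ActiveXKillBit $clsid) {
            $name = (Get-ItemProperty "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid" `
                     -ErrorAction SilentlyContinue).'(default)'
            [pscustomobject]@{ CLSID = $clsid; Name = $name; Installed = [bool]$name }
        }
    }
}

# Check one control (placeholder CLSID), then list everything that is kill-bitted.
$placeholder = '{00000000-0000-0000-0000-000000000000}'
"Kill bit set for $placeholder : $(Test-ActiveXKillBit $placeholder)"
Get-KillBittedControls | Sort-Object CLSID | Format-Table -AutoSize
```

On 64-bit Windows the 32-bit IE view of this key lives under Wow6432Node; the script above only checks the native view. A control that is kill-bitted but still installed (Installed = True) is exactly the situation the bulletin describes: the code remains on disk, IE simply refuses to load it.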

Mug Funky
20th December 2005, 04:58
hehe... live update.

i say killing rootkits et al is something a security update should do - so long as a universal definition of "malware" is adopted (and followed) that we all agree on, there shouldn't be much problem with having a security update remove/disable such programs.

to be honest, i'm quite knee-jerk about live updates anyway - i never like to install something without question, even if it comes from the people that wrote my operating system (especially if it does?.. microsoft seem quite adept at actually removing features every time one "upgrades").

if my machine is running stable, i simply don't install the updates.

Arachnotron
20th December 2005, 13:28
i say killing rootkits et al is something a security update should do - so long as a universal definition of "malware" is adopted (and followed) that we all agree on, there shouldn't be much problem with having a security update remove/disable such programs.

I have no problem with killing off malware, I just think it should be very clear that it is happening, and there should be an opt-out since those definitions are missing right now.

I don't really have an option to not install the security update, since the other updates involve IE and not having them leaves your system vulnerable to all sorts of malicious websites and viruses. Some of the security holes patched are already actively being used. Using Firefox helps, but only so far. IE is integrated to such an extent that you can be the victim of an IE security flaw without even actually starting it up, simply because another program or part of Windows uses the IE module involved.

My point is that when M$ offers to kill a certain program they should do so in a separate patch, which is clearly advertised as doing so. Not bury it in a set of unrelated IE patches.

foxyshadis
20th December 2005, 14:53
It is thoughtless; this is exactly what the Malicious Software Removal Tool is supposed to do. If someone doesn't want the malware remover monkeying around with their machine, they can just skip it every month. On the other hand, you can't very well skip a critical IE rollup unless you absolutely never use it for anything. I'm with you that I don't really see a good reason to roll it into the critical update. (The MciWndX removal is similar, and perhaps should be separate and not even a part of "security" updates, but at least it is Microsoft's own code and not known malware.)