When I was researching that story, a Microsoft spokeswoman confirmed for me that the company had never issued any announcement of this switch. Now it seems that Microsoft officials are eager to talk about it. In the interest of fairness, I'll print here their comments as fully as I can.
Many companies avoid WU, preferring the corporate utilities I reviewed last week. But the change is still important in forecasting Microsoft's plans.
The company posted an interview with Nick Dallett, WU program manager on March 24. The piece criticises researchers, claiming they said WU "provided Microsoft with a list of all software on a user's computer".
Let's clear this up. As I reported, the German group, tecChannel, plainly says WU's new potential to list all software "is currently unused".
Aside from that point, Dallett's comments seem accurate -- and revealing.
"We do collect information about the devices installed on your machine and the versions of drivers installed for those devices in order to see whether Windows Update has newer drivers that would be appropriate for your computer," he says.
"This information is used during the scanning process and is not stored by Microsoft ... The information includes the version numbers for your operating system and for Microsoft Internet Explorer, the version numbers for other software that the site provides updates for, plug and play ID numbers for hardware devices, and your region and language settings."
Dallett goes on to describe one of WU's new functions, called GetSystemSpec.
"This method can be used to obtain several different types of information," Dallet says. "When the method is called without any parameters, the default behaviour is to return all available data, which includes a list of top-level keys in the software hive of the system registry. However, when the Windows Update web site or the Automatic Updates client calls this method, the call includes parameters that limit the data that is returned so that it only contains information about the system type, the Windows operating system version and locale, and devices installed on the system," (see here).
This simply confirms the new routines tecChannel found. Microsoft has put itself in an unenviable position. Given this virtual vacuum cleaner, it's logically impossible to say what its parameters will or will not suck up in the future.
The new, currently unused functions were designed so Microsoft can charge users for its own or other parties' patches in days to come. You may feel this is good or bad, but I think it's your right to get as much advance warning of it as possible.
Livingston is publisher of BriansBuzz.com. Send letters for publication in Computerworld to Computerworld Letters.