How Windows 10 became malware

Any software — even a premier operating system — that gets onto computers through stealth means has crossed over to the dark side

malware keyboard skull and crossbones

Several weeks ago my wife came fuming into my office.

“Windows 10 just hijacked my computer,” she complained. “Without asking, Microsoft upgraded me from Windows 7, even though I didn’t want Windows 10, and I had to wait for the installation to finish before I could get any work done.”

I asked her whether she had accidentally clicked “OK” on any upgrade notifications, ignored any warnings that she had received or gotten any other notices about the upgrade. No on all counts, she answered before leaving to wrestle with her new operating system.

I admit to having been skeptical. Would Microsoft really take over someone’s computer without warning and install a significant chunk of software without explicit permission? That’s what malware does, I thought, not software from one of the biggest tech firms on the planet with the largest operating system installed base on desktop and laptops PCs.

Turns out, she was right. And I wasn’t the only tech writer whose spouse had this experience: The same thing happened to the wife of PC World’s Brad Chacos

All this made me wonder: If software from any other company behaved the way the Windows 10 upgrade does, would it be considered malware?

To find out, I delved into how the controversial upgrade works. Microsoft has been aggressive in its attempts to get as many people as possible to upgrade to Windows 10 in advance of the company’s self-imposed July 29 deadline for free upgrades from Windows 7 and Windows 8.1.

Last year Microsoft installed its Get Windows 10 app on millions of Windows 7 and Windows 8.1 PCs. It alerted people that they could “reserve” the free upgrade if they wanted. When the app popped up on people’s PCs, they could close its window and block any action it might take in the time-honored way of clicking on the X in the upper right of the dialog box.

Since then Microsoft has gotten increasingly aggressive in getting people to upgrade to Windows 10. It began stealthily downloading the bits required for the upgrade to PCs automatically without telling people. And then this spring Microsoft sprung a trap. When the upgrade app appeared, if someone clicked the X in its dialog box in order to close it and cancel an upgrade, Windows did the exact opposite of what the person intended to do: It upgraded that person’s PC to Windows 10. Microsoft did that even though the app always behaved in the opposite way before then, which is pretty much the way any legitimate app behaves — closing a dialog box and canceling any actions.

When Microsoft made that change, it violated its own recommended design guidelines, notes Computerworld’s Gregg Keizer. Microsoft tells developers that clicking an X to close a dialog box and halt any action the box might take is the right way to do things. The company writes on a website devoted to design guidelines, "The Close button on the title bar should have the same effect as the Cancel or Close button within the dialog box. Never give it the same effect as OK.”

In this case, that’s exactly what clicking X did: gave it the same effect as OK.

So is the Windows 10 upgrade malware? One place to look for clues is in Microsoft’s document, “How to prevent and remove viruses and other malware.” That document warns, “Never click 'Agree' or 'OK' to close a window that you suspect might be spyware. Instead, click the red 'x' in the corner of the window or press Alt + F4 on your keyboard to close a window." And it defines spyware, in part, this way: “Spyware can install on your computer without your knowledge. These programs can change your computer’s configuration or collect advertising data and personal information.”

So let’s see: The Windows 10 upgrade downloads its bits to your PC without your knowledge. It changes your computer’s configuration. By default, Windows 10 collects advertising data and personal information. And if you try to stop the upgrade by doing what Microsoft tells you to do with every other application — click the X on its dialog box — it installs anyway.

Sounds like malware to me, malware that forces a Windows 10 upgrade. Sure, it isn't malware that's designed with a malicious purpose. It's not being installed on your computer with the aim of stealing your data or locking up your files until you pay Microsoft a ransom. But getting upgraded to a new operating system against your will can have drastic consequences, such as programs that won't work with the newer OS. If you unexpectedly find your PC upgraded to Windows 10, you might have to shell out for upgrades to other programs just to accomplish what you could do before the upgrade.

Microsoft should immediately reverse course and let people decide for themselves whether they want to upgrade to Windows 10, rather than to use malware tricks to get them to upgrade.

This story, "How Windows 10 became malware" was originally published by Computerworld.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO Nov/Dec 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.