The Small Print Project                                       

A collaborative document of experiences with agreements in the digital age as they are designed and encountered.

November 30, 2006

Annotated Windows Malicious Software Removal Tool EULA

Posted to EULAs by Andy Sternberg

wimpy hamburger tuesdayJesse, who previously contributed an iTunes 7 breakdown is back with everyone’s favorite critical security update (distributed every month on the second Tuesday, around the same time that Wimpy gladly pays for his hamburgers).

—–

Lowpoints: “THEY APPLY TO THE SOFTWARE NAMED ABOVE WHICH INCLUDES THE MEDIA ON WHICH YOU RECEIVED IT, IF ANY.”

– Hm, so by “SOFTWARE” they mean “CD-ROM disks” — this might be worth remembering. So you can’t disassemble the disk, for example. Does this include shredding it, I wonder?

“THE TERMS ALSO APPLY TO THE MICROSOFT:
• UPDATES
• SUPPLEMENTS
• INTERNET-BASED SERVICES, AND
• SUPPORT SERVICES

– Hm, what a lot of different names - what’s the difference between a “supplement” and a “support service?”

FOR THIS SOFTWARE UNLESS OTHER TERMS ACCOMPANY THOSE ITEMS. IF SO, THOSE TERMS APPLY. BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.

1. OVERVIEW. At the time the tool is running, the software checks your device for certain malicious software listed at http://go.microsoft.com/fwlink/?LinkId=39249 (“Malware”) and if detected, the software removes Malware from your device. The tool must be run again on the specific device to detect and remove subsequent Malware updates….

– Interesting. So MS can remove anything they please from your computer and you can’t say no — cute.

PRIVACY NOTICE: When the software checks your device for Malware, information is collected from your device only for the purpose of reporting to you whether or not Malware was detected and removed from your device. However, Microsoft may collect and publish aggregated data about the use of the software. If you choose, the software’s reporting functionality can be disabled by following the instructions found at http://go.microsoft.com/fwlink/?LinkId=39987.&nbsp

– Nice that they let you disable the reporting feature - but the page linked is the full manual, and the actual instructions are rather hard to find (I couldn’t find them in a quick search)

[...]

Highpoints: “PLEASE READ THEM.” - Wow, they say please!

Comments

  1. Foundit
    January 17th, 2007 | 12:17 am

    Following the maze of links through MS help pages, I found the actual instructions at http://support.microsoft.com/kb/891716/ near the bottom of the page:

    Q3. How can I disable the infection-reporting component of the tool so that the report is not sent back to Microsoft?

    A3. An administrator can choose to disable the infection-reporting component of the tool by adding the following registry key value to computers. If this registry key value is set, the tool will not report infection information back to Microsoft.
    Subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
    Entry name: \DontReportInfectionInformation
    Type: REG_DWORD
    Value data: 1
    This functionality is automatically disabled if the following registry key value exists:
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUServer
    This registry key value indicates that the computer is connected to an SUS server.

Leave a reply