Microsoft releases new license terms for Windows 10: Biggest surprise? No gotchas

Status
Not open for further replies.

Sloth

Level 5
Thread author
Verified
Jun 24, 2015
212
Here's what's new:

  • Activation and licensing status when upgrading from a non-genuine copy of Windows. As usual, the license agreement allows the right to install and run Windows on a single licensed device. It also requires activation, a process that is automatic on most devices from large OEMs. The new agreement adds this clause: "Updating or upgrading from non-genuine software with software from Microsoft or authorized sources does not make your original version or the updated/upgraded version genuine, and in that situation, you do not have a license to use the software."
  • Transfer rights. I heard some observers speculate that the new terms would limit Windows 10 transfer rights. Nope. The new license agreement preserves the longstanding transfer rights: OEM copies are locked to the device on which they're sold, retail copies can be transferred to a different device as long as the old copy is removed first. (The Windows 10 EULA includes a specific exception for PC buyers in Germany, who are allowed to transfer OEM software thanks to a court ruling.)
  • Downgrade rights. As with all recent Windows releases, buying a PC with a Professional version of Windows installed by the OEM includes the right to downgrade to either of the two earlier versions, in this case Windows 7 Professional or Windows 8.1 Pro. The new agreement specifies an end date for those downgrade rights, which are valid "only for so long as Microsoft provides support for that earlier version." Under the 10-year Microsoft support lifecycle , that means downgrade rights for Windows 7 end in January 2020, and the clock runs out on Windows 8.1 in January 2023.
  • Automatic updates. For consumers and small business, Windows 10 delivers automatic updates, with no option to selectively delay or reject individual updates. "The software periodically checks for system and app updates, and downloads and installs them for you. ... By accepting this agreement, you agree to receive these types of automatic updates without any additional notice." Business customers have additional management options through the Windows Update for Business program, and enterprise customers can assign mission-critical devices to the Long Term Servicing Branch, which includes only security fixes and not feature updates.
  • No Commercial Use Rights for Office products. Some Windows 10 editions will include Microsoft Office programs. As with Windows RT, those products are limited to personal and noncommercial use. Businesses need to have an Office 365 Business subscription or assign a perpetual Office license to the device.
And that's it.



PS: The transfer rights. :D :p
 

darko999

Level 17
Verified
Well-known
Oct 2, 2014
805
I think I'll have to disable windows update service if I want to try win 10, jesus man.
 
D

Deleted member 21043

Honestly, I like the license terms update, but the only thing I don't like is the automatic updates. I think it'd be better if users had the control over the update? I removed the Windows 10 Technical Preview a few weeks back since I formatted by drive, however I'll install it again next week. Looking forward to the 29th release day, though. I'm sure we can all see that Microsoft are trying to work hard on Windows 10, they must be under a lot of pressure. We'll see how Windows 10 works out in the long run sooner or later, although I believe it'll go down well this time.

I think I'll have to disable windows update service if I want to try win 10, jesus man.
Hello,

In a way, Microsoft are looking out for you - the only issue I can think of is if they mess up and release a faulty update which then leaves your system unbootable... Which has happened in the past. Although, I think they learnt from all the ocassions such behaviour has occured and that it won't happen again for Windows 10.

Windows Updates are important in some cases, especially Security Updates. The reason for this is security updates are there to help strengthen the security of the Operating System to prevent certain vulnerabilities being used by an attacker. Of course there are many other reasons for a security update, patching vulnerabilities is one of them.

If you do not update your copy of Windows, especially not installing the security updates, then you are a big target to attackers. The reason for this is because you will not have the updates installed on your system which patch specific vulnerabilities found by either researchers or previously used by zero-day malware (which Microsoft then patched and released an update for), therefore if you ever encounter a malware infection which makes use of the vulnerabilities which had been patched in the future updates which you did not install, then the vulnerability can be used by the malicious software. Of course there is a possibility that you will never get infected (and affected by an exploit) even without installing the updates, but do you really want to take such a chance? (read my second example below, I'm sure it'll help you rethink your decision).

In the past, on Windows operating systems such as Windows 7, there have been many vulnerabilities which were shortly fixed after discovery, such as a vulnerability which was used and abused by malware writers, to execute a program with administrator privileges (elevated) without user consent, regardless of User Account Control being enabled or disabled. Since the vulnerability was UAC, it was able to use the vulnerability to leverage itself to bypass it. However, when Microsoft patched this, anyone who installed the Windows update (security update) which patched this exploit from beig used, was then protected from that specific exploit.

As a more deadly example, are you aware of something called "PatchGuard"? It's a feature built-into x64 versions of Windows which prevents the loading of unsigned drivers (there is also other stuff such as KPP (Kernel Patch Protection), but I won't further comment on this). The reason Microsoft developed PatchGuard and added support to it for blocking the loading of unsigned drivers was due to the fact that it helps anhiliate rogue drivers being loaded on x64 systems. For example, rootkit developers (malware) - unless they either managed to steal a signature, or had the money to buy a digital signature, they wouldn't be able to have their driver loaded on the target users system since PatchGuard would block the driver from loading. If a driver (kernel-mode) is loaded, it is then executing from the level the OS Kernel is at (hence why it's called kernel-mode). However, the reason I have explained this all is because in the past, there has been vulnerabilities regarding PatchGuard which Microsoft patched up (via updates). Basically, the vulnerability modified the Master Boot Record (which would have required a signed driver anyway on Windows Vista and above, but let's continue) (bootkit) and then used this as a way of getting the unsigned driver to load, also at boot of the OS. People who installed the update to patch up the vulnerability for PatchGuard were then protected against such activity. (unless test mode/driver signature enforcement is on, a driver is required to be signed to load on x64 versions of Windows). If you didn't install the update, then you were vulnerable to such an attack...

As for the above 2 examples, there is no one to say that this cannot all happen on future Windows versions, such as Windows 10. Nothing if full-proof. And what happens when the exploit is used by malware? It will eventually be discovered, Microsoft will then work to releasing a patch to fix it. (there is usually a loader executable which uses the vulnerability and then allows e.g. the malware to bypass UAC (if it was for bypassing UAC). Or it downloads the malware, then uses the vulnerability (exploits it) to allow the malware to run elevated.

As another example, unrelated to exploits, updates can protect you in other ways. For example, specific functions (e.g. Windows API) may be removed in the future for specific reasons, and if malicious software was making use of the function which is no longer supported and removed for usage via an update, then the malware will not work since it won't be able to use that function anymore. (seems this has happened in the past, I also was affected by it, maybe even protected by it before, who knows).

Updates are also good for other things, such as introducing new features into the Windows Operating System to make things more interesting, give you the ability to do more, or just fix bugs in software, which software developers typically do for a number of reasons. Overall, updates are there to help you.

I already know that if you really do not like Windows update, then there is nothing I can say or do to help make you start liking them. But I can try, because at the end of the day, there's nothing I hate to see more than someone become affected by an exploit which was actually patched via an update, but they had not installed the update. (I've wanted to use that phrease "there's nothing I hate to see more" on this forum for a very long time! :p ).

Anyway, as I said earlier:
Of course there is a possibility that you will never get infected (and affected by an exploit) even without installing the updates, but do you really want to take such a chance?

Some other people who might be able to help me out here with the whole update thing? @Umbra

Hope this helped,
Cheers. ;)
 
Last edited by a moderator:

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
Windows 10 delivers automatic updates, with no option to selectively delay or reject individual updates.

That's the only part I didn't liked. I just wanted the control what updates goes into my system. Even though I 100% install all windows update components, it would have been much better if the user have final voice what update downloads and installs. For example I actually uninstalled and blocked "Get windows 10" app in my taskbar with its related files loaded in memory which to me felt annoying and forced to do this like feel. I only installed "Get windows 10" few days ago to reserve upgrade.

There are incidents where a single Windows update caused system havoc for windows PC users. If such faulty windows update again realeases what will its user do is a big question.
 

Kardo Kristal

From Crystal Security
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
For consumers and small business, Windows 10 delivers automatic updates, with no option to selectively delay or reject individual updates. "The software periodically checks for system and app updates, and downloads and installs them for you

What about metered connection? There are users with low (or limited) monthly (network) bandwidth.

Regards,
Kardo
 
D

Deleted member 21043

That's the only part I didn't liked. I just wanted the control what updates goes into my system. Even though I 100% install all windows update components, it would have been much better if the user have final voice what update downloads and installs. For example I actually uninstalled and blocked "Get windows 10" app in my taskbar with its related files loaded in memory which to me felt annoying and forced to do this like feel. I only installed "Get windows 10" few days ago to reserve upgrade.

There are incidents where a single Windows update caused system havoc for windows PC users. If such faulty windows update again realeases what will its user do is a big question.
Don't worry, I understand exactly what you mean.

I think it would be good if users still got the decision to choose whether to download/install updates or not, but I understand why they make it automatic as well.
 
  • Like
Reactions: Kuttz

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
You can defer updates in the Pro edition.


Maybe this will help catalyze fiber everywhere..? :D
Maybe MS will provide 10GB of free data(for updating Windows only) who "buys" or "pre-orders" genuine Win 10 PRO.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top