Billie Winner-Davis, Reality Winner's mother, told Business Insider on Tuesday that President Donald Trump's former lawyer, Michael Cohen, is attempting legal representation to aid the former Air Force language analyst contractor and Kingsville native Reality Winner with her case.
Winner pleaded guilty in 2018 to leaking classified National Security Agency information on Russia's alleged efforts to interfere with the 2016 election. She was found guilty of violating the U.S. Espionage Act and sentenced to five years in prison at the Federal Medical Center-Carswell in Fort Worth, Texas.
In 2016 following her separation from six years of active duty, Winner was hired by Pluribus International Corporation under an NSA contract to work out of Fort Gordon, Georgia.
According to ABC News, Winner printed a classified report detailing how Russian hackers allegedly “executed cyber espionage operations” on local election systems and mailed the documents to The Intercept.
She was arrested on June 3, 2017.
Amazing! Thank you. My daughter Reality Leigh Winner is yet another victim of this admin. Doing hard time for bringing the truth to light. #FreeRealityWinnerhttps://t.co/wU0sg3LeRs
Michael Cohen, who pleaded guilty to campaign violations and tax fraud in 2018, began serving his sentence in May 2019 at the federal penitentiary in Otisville, New York.
He has been under house arrest since July over coronavirus concerns.
Military.com stated that Reality’s mother sent a Twitter message that said “Cohen has asked another attorney to look at the case and for opportunities to help.”
Announcements
We encourage anyone to reach out to discuss potential news stories that may be in the public interest. You can reach us via email or by phone at 603-483-3900 with the understanding that the information you provide might be used in our LIVE broadcasts or other stories.
Microsoft has begun patching files on Windows XP and Vista without users knowledge, even when the users have turned off auto updates.
Many companies require testing of patches before they are widely installed, and businesses in this situation are objecting to the stealth patching. Files changed with no notice to users
In recent days, Windows Update (WU) started altering files on users systems without displaying any dialog box to request permission. The only files that have been reportedly altered to date are nine small executables on XP and nine on Vista that are used by WU itself. Microsoft is patching these files silently, even if auto-updates have been disabled on a particular PC.
It is surprising that these files can be changed without the users knowledge. The Automatic Updates dialog box in the Control Panel can be set to prevent updates from being installed automatically. However, with Microsoft's latest stealth move, updates to the WU executables seem to be installed regardless of the settings without notifying users.
When users launch Windows Update, Microsofts online service can check the version of its executables on the PC and update them if necessary. What is unusual is that people are reporting changes in these files although WU was not authorized to install anything.
This is not the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Not long ago, another Windows component, svchost.exe, was causing problems with Windows Update, as last reported on June 21 in the Windows Secrets Newsletter. In that case, however, the Windows Update site notified users that updated software had to be installed before the patching process could proceed. This time, such a notice never appears.
For users who elect not to have updates installed automatically, the issue of consent is crucial. Microsoft has apparently decided, however, that it does not need permission to patch Windows Updates files, even if you have set your preferences to require it.
Microsoft provides no tech information (yet)
To make matters even stranger, a search on Microsoft's Web site reveals no information at all on the stealth updates. Let's say you wished to voluntarily download and install the new WU executable files when you were, for example, reinstalling a system. You'd be hard-pressed to find the updated files in order to download them. At this writing, you either get a stealth install or nothing.
A few Web forums have already started to discuss the updated files, which bear the version number 7.0.6000.381. The only explanation found at Microsofts site comes from a user identified as Dean-Dean on a Microsoft Communities forum. In reply to a question, he states:
Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update will no't work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed.
Windows Secrets contributing editor Susan Bradley contacted Microsoft Partner Support about the update and received this short reply:
7.0.6000.381 is a consumer only release that addresses some specific issues found after .374 was released. It will not be available via WSUS [Windows Server Update Services]. A standalone installer and the redist will be available soon, I will keep an eye on it and notify you when it is available.
Unfortunately, this reply does not explain why the stealth patching began with so little information provided to customers. Nor does it provide any details on the specific issues that the update supposedly addresses.
System logs confirm stealth installs
In his forum post, Dean-Dean names several files that are changed on XP and Vista. The patching process updates several Windows\System32 executables (with the extensions .exe, .dll, and .cpl) to version 7.0.6000.381, according to the post.
To see if your computer has received the updates just head on over to the Windows\System32 folder and look for one of the affected files listed below. You should see the date that the file was modified (probably around August 24th), and the version number should be 7.0.6000.381
These files are by no means viruses, and Microsoft appears to have no malicious intent in patching them. However, writing files to a users PC without notice (when auto updating has been turned off) is behavior that is usually associated with hacker Web sites. The question being raised in discussion forums is, Why is Microsoft operating in this way?
How to check which version your PC has
If a system has been patched in the past few months, the nine executables in Windows\System32 will either show an earlier version number, 7.0.6000.374, or the stealth patch: 7.0.6000.381. (The version numbers can be seen by right-clicking a file and choosing Properties. In XP, click the Version tab and then select File Version. In Vista, click the Details tab.)
In addition, PCs that received the update will have new executables in subfolders named 7.0.6000.381 under the following folders: c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll c:\Windows\System32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll Users can also verify whether patching occurred by checking Windows Event Log:
Step 1. In XP, click Start, Run.
Step 2.Typeeventvwr.mscand press Enter.
Step 3.In the tree pane on the left, select System.
Step 4.The right pane displays events and several details about them. Event types such as Installation are labeled in the Category column. Windows Update Agent is the event typically listed in the Source column for system patches.
On systems that were checked recently by Windows Secrets readers, the Event Log shows two installation events on Aug. 24. The files were stealth updated in the early morning hours. (The time stamp will vary, of course, on machines that received the patch on other dates.)
To investigate further, you can open the Event Logs properties for each event. Normally, when a Windows update event occurs, the properties dialog box shows an associated KB number, enabling you to find more information at Microsofts Web site. Mysteriously, no KB number is given for the WU updates that began in August. The description merely reads, Installation Successful: Windows successfully installed the following update: Automatic Updates.
Windows Secrets plans to offer more details tomorrow on its Web site and to subscribers via its normal email channel.
I spent about an hour this afternoon reading various forum posts about the 7.0.6000.381 update. They varied from people finding the update installed without consent to WSUS not updating some systems to version 7.0.6000.381.
Another concern is privacy. Do the stealth installations violate the Windows EULA (end user license agreement) or Microsofts privacy policy? I took a look at the Windows Vista version of both documents this afternoon. The Vista EULA is a 14-page document. A search for terms 'update' or 'consent' revealed no place where I could see that users explicitly give permission to Microsoft to download and apply updates without consent.
'To make Windows Vista work better with the Internet, some features that do not collect personal information are turned on by default. You can choose to disable these features. For details about the information collection, uses, and choice provided by a specific feature or related product or service, please click on the link provided in the list on the right.'
Windows Update is not in that list, but it is in another. But I found nothing in the Windows Update Privacy Statement explicitly giving permission to update without end user consent.
I definately keep you up to date on this news breaking story. Watch for updates, we will be moving this story to the front page for the next few days. - OS9USER
There have been some questions raised about how we service the Windows Update components and concerns expressed about software installing silently. I want to clarify the issue so that everyone can better understand why the self-updating of Windows Update acts the way it does.
So first some background: Windows Update is designed to help our consumer and small business customers (customers without an IT staff) keep their systems up-to-date. To do this, Windows Update provides different updating options: 1) Install updates automatically, 2) Download updates but let me choose whether to install them, 3) Check for updates but let me choose whether to download and install them, and 4) Never check for updates. Our goal is to automate the process wherever possible so that we can increase the likelihood of a system being secure and up-to-date, while giving customers the flexibility to control how and whether updates are installed. The reasons for this are both philosophical and practical. Philosophically, Microsoft believes that users should remain in control of their computer experience. Practically, customers have told us that they want to have time to evaluate our updates before they install them. That said, and to the benefit of both customers and the IT ecosystem, most customers choose to automate the updating experience.
So what is happening here? Windows Update is a service that primarily delivers updates to Windows. To ensure on-going service reliability and operation, we must also update and enhance the Windows Update service itself, including its client side software. These upgrades are important if we are to maintain the quality of the service.
Of course, for enterprise customers who use Windows Server Update Services (WSUS) or Systems Management Server (SMS), all updating (including the WU client) is controlled by the network administrator, who has authority over the download and install experience.
One question we have been asked is why do we update the client code for Windows Update automatically if the customer did not opt into automatically installing updates without further notice? The answer is simple: any user who chooses to use Windows Update either expected updates to be installed or to at least be notified that updates were available. Had we failed to update the service automatically, users would not have been able to successfully check for updates and, in turn, users would not have had updates installed automatically or received expected notifications. That result would not only fail to meet customer expectations but even worse, that result would lead users to believe that they were secure even though there was no installation and/or notification of upgrades. To avoid creating such a false impression, the Windows Update client is configured to automatically check for updates anytime a system uses the WU service, independent of the selected settings for handling updates (for example, “check for updates but let me choose whether to download or install them”). This has been the case since we introduced the automatic update feature in Windows XP. In fact, WU has auto-updated itself many times in the past.
The point of this explanation is not to suggest that we were as transparent as we could have been; to the contrary, people have told us that we should have been clearer on how Windows Update behaves when it updates itself. This is helpful and important feedback, and we are now looking at the best way to clarify WU’s behavior to customers so that they can more clearly understand how WU works. At the same time, however, we wanted to explain the rationale for the product’s behavior so our customers know what the service is doing: WU updates itself to make sure it continues to work properly. We are also confident that the choice to use Automatic Updating continues to be the right choice.
Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates.
Providing and maintaining the WU service is important to enable us to service our customers and help them maintain safe, more secure and reliable computers. We take this responsibility very seriously and we are proud of the impact that Windows Update has had to help users with safety security and reliability over the years. Updating the client has been and remains a critical piece to this approach.
We appreciate the feedback and I hope that this post helps you to understand the situation and our strategy.
According to the evidence assembled by Windows Secrets, these updates were silently downloaded and installed, without notifying end users, even in cases where those end users had specifically told Microsoft, through their PC settings, not to install updates without letting them choose to do so.
"(Biden’s) own chief of staff, Ron Klain, would say last year that it was pure luck, that they did ‘everything possible wrong’ (with H1N1). And we learned from that."
"There are estimates that by the end of the term of this administration, they will have lost more jobs than almost any other presidential administration."
That Rose Garden event — there's been a great deal of speculation about it — my wife Karen and I were there and honored to be there. Many of the people who were at that event, Susan, were actually tested for coronavirus, and it was an outdoor event, which all of our scientists r...
There have been some questions raised about how we service the Windows Update components and concerns expressed about software installing silently. I want to clarify the issue so that everyone can better understand why the self-updating of Windows Update acts the way it does.
So first some background: Windows Update is designed to help our consumer and small business customers (customers without an IT staff) keep their systems up-to-date. To do this, Windows Update provides different updating options: 1) Install updates automatically, 2) Download updates but let me choose whether to install them, 3) Check for updates but let me choose whether to download and install them, and 4) Never check for updates. Our goal is to automate the process wherever possible so that we can increase the likelihood of a system being secure and up-to-date, while giving customers the flexibility to control how and whether updates are installed. The reasons for this are both philosophical and practical. Philosophically, Microsoft believes that users should remain in control of their computer experience. Practically, customers have told us that they want to have time to evaluate our updates before they install them. That said, and to the benefit of both customers and the IT ecosystem, most customers choose to automate the updating experience.
So what is happening here? Windows Update is a service that primarily delivers updates to Windows. To ensure on-going service reliability and operation, we must also update and enhance the Windows Update service itself, including its client side software. These upgrades are important if we are to maintain the quality of the service.
Of course, for enterprise customers who use Windows Server Update Services (WSUS) or Systems Management Server (SMS), all updating (including the WU client) is controlled by the network administrator, who has authority over the download and install experience.
One question we have been asked is why do we update the client code for Windows Update automatically if the customer did not opt into automatically installing updates without further notice? The answer is simple: any user who chooses to use Windows Update either expected updates to be installed or to at least be notified that updates were available. Had we failed to update the service automatically, users would not have been able to successfully check for updates and, in turn, users would not have had updates installed automatically or received expected notifications. That result would not only fail to meet customer expectations but even worse, that result would lead users to believe that they were secure even though there was no installation and/or notification of upgrades. To avoid creating such a false impression, the Windows Update client is configured to automatically check for updates anytime a system uses the WU service, independent of the selected settings for handling updates (for example, “check for updates but let me choose whether to download or install them”). This has been the case since we introduced the automatic update feature in Windows XP. In fact, WU has auto-updated itself many times in the past.
The point of this explanation is not to suggest that we were as transparent as we could have been; to the contrary, people have told us that we should have been clearer on how Windows Update behaves when it updates itself. This is helpful and important feedback, and we are now looking at the best way to clarify WU’s behavior to customers so that they can more clearly understand how WU works. At the same time, however, we wanted to explain the rationale for the product’s behavior so our customers know what the service is doing: WU updates itself to make sure it continues to work properly. We are also confident that the choice to use Automatic Updating continues to be the right choice.
Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates.
Providing and maintaining the WU service is important to enable us to service our customers and help them maintain safe, more secure and reliable computers. We take this responsibility very seriously and we are proud of the impact that Windows Update has had to help users with safety security and reliability over the years. Updating the client has been and remains a critical piece to this approach.
We appreciate the feedback and I hope that this post helps you to understand the situation and our strategy.
Nate Clinton
Program Manager
Windows Update