Microsoft Update

Why is the Microsoft Update website a http by default and not a https?

Does it become an HTTPS site after you select the EXPRESS or CUSTOM button?

Chas4 wrote:
> Why is the Microsoft Update website a http by default and not a https?

When you go to the Microsft Update site it goes to http by defult. Only if
you change the http to an https does it become a secure connection.

--
Why Open the Web?

Despite the connecting purpose of the Web, it is not entirely open to all of
its users.

http://my.opera.com/community/openweb/info/


"PA Bear [MS MVP]" wrote:

> Does it become an HTTPS site after you select the EXPRESS or CUSTOM button?
>
> Chas4 wrote:
> > Why is the Microsoft Update website a http by default and not a https?
>

When you go to the Microsoft Update site it is http by default. Only if you
change the http to a https does it become a secure connection.


--
Why Open the Web?

Despite the connecting purpose of the Web, it is not entirely open to all of
its users.

http://my.opera.com/community/openweb/info/


"PA Bear [MS MVP]" wrote:

> Does it become an HTTPS site after you select the EXPRESS or CUSTOM button?
>
> Chas4 wrote:
> > Why is the Microsoft Update website a http by default and not a https?
>

Now you know. Does this bother or concern you?

Chas4 wrote:
> When you go to the Microsft Update site it goes to http by defult. Only
> if
> you change the http to an https does it become a secure connection.
>
> PA Bear wrote:
>> Does it become an HTTPS site after you select the EXPRESS or CUSTOM
>> button?
>>
>> Chas4 wrote:
>>> Why is the Microsoft Update website a http by default and not a https?

I would think you would use a https page for an update site
--
Why Open the Web?

Despite the connecting purpose of the Web, it is not entirely open to all of
its users.

http://my.opera.com/community/openweb/info/


"PA Bear [MS MVP]" wrote:

> Now you know. Does this bother or concern you?
>
> Chas4 wrote:
> > When you go to the Microsft Update site it goes to http by defult. Only
> > if
> > you change the http to an https does it become a secure connection.
> >
> > PA Bear wrote:
> >> Does it become an HTTPS site after you select the EXPRESS or CUSTOM
> >> button?
> >>
> >> Chas4 wrote:
> >>> Why is the Microsoft Update website a http by default and not a https?
>
>

PA Bear [MS MVP] wrote:

> Now you know. Does this bother or concern you?

It certainly concerns me, particularly with the new IDN-based attacks. I talked
to MSRC about this years ago (prior to my MVP award) but didn't get anywhere.

Microsoft advise that you shouldn't turn off the "only allow https sites to be
trusted" setting in IE, but you have to in order to use Windows Update ...

Harry.

>
> Chas4 wrote:
>> When you go to the Microsft Update site it goes to http by defult.
>> Only if
>> you change the http to an https does it become a secure connection.
>>
>> PA Bear wrote:
>>> Does it become an HTTPS site after you select the EXPRESS or CUSTOM
>>> button?
>>>
>>> Chas4 wrote:
>>>> Why is the Microsoft Update website a http by default and not a https?
>