I have seen mention by a few people in various threads that they are not going to implement Windows 2000 SP3 due to the wording of the EULA.

I believe the same wording applies to Windows XP SP1 and the crux of the issue seems to be that by agreeing to the EULA you are agreeing that Microsoft can make updates to your system without your knowledge or consent.

Most companies have extensive patch testing and implementation policies designed to protect business-critical systems from crashing. Obviously, having Microsoft update your system at their discretion goes against this and could make for a very unstable system.

This also seems to violate certain requirements of laws like HIPAA and GLBA that require systems be secure.

Here is my question though- does anyone know on what port or through what service Microsoft intends to perform these updates? If you have your systems locked down and you are protected by a perimeter firewall wouldn't you be able to block Microsoft from entering your network whether you agreed to the EULA or not?