New CCleaner scandal: forced automatic updates

2018 has been a troublesome year for users of the computer program CCleaner. The popular Windows program to delete temporary files and data to free up disk space went through a series of program updates that many users of the software opposed.

While there has been some bundling with third-party offers, e.g. Avast Free Antivirus in the past, recent updates introduced advertising popups and privacy options that free users could not really configure. It culminated in the release of CCleaner 5.45 in August that collected more Telemetry. Integration made it near impossible for users to disable the collecting and Piriform/Avast had to retract the version eventually because the issue boiled over.

CCleaner 5.46 was released at the end of August 2018 but things have not calmed down a lot since the release. A user on the official Piriform forum reported on September 6, 2018 that CCleaner had updated itself automatically ignoring the user's configuration which was set to not check for or install updates.

So what was causing this change? Well I was using an older version of CCleaner 5.35.6210, for good reasons, and despite the fact it was still showing as that yesterday when I booted it this morning what do I find? I'll tell you what: it had been updated, against my express wishes in the settings to the latest version: 5.46.whatever. Obviously that was the problem.

Piriform confirmed the forced updating of users to the new version and reasoned that it was necessary to "meet legal requirements and give users more autonomy and transparency over their privacy settings".

Bleeping Computer ran a test and confirmed that old versions of the program were updated to CCleaner 5.46 automatically even when the "automatically check for updates to CCleaner" option is unchecked during setup.

What makes the whole auto-updating even worse for users is that privacy settings are reverted to their default values during the upgrade according to Bleeping Computer.

Some users may wonder how CCleaner managed to upgrade itself even if the update checking in the program is disabled.

The makers of CCleaner added a critical update feature to CCleaner 5.36 which may override the user's update preferences. Designed to push updates to user systems that protect against critical issues or security threats, it has been used by the company to update older versions of CCleaner forcefully.

According to them, the update was made in the best interest of users as it "gives users the best possible control of their privacy settings", prevents the "loss of personal settings in Chrome" and a "broken graphics driver" issue after Windows Updates.

Forced updates or critical update features are not something that is unique to CCleaner.

What can you do about it?

CCleaner users who were affected by the forced update to the new version of the program have three options to deal with it:

1. Accept it, make the necessary changes to the program and forget all about it.
2. Uninstall CCleaner and use an alternative.
3. Revert to an older version and block the program's critical updating functionality.

I think that option two is the best course of action. While you can block CCleaner in the Task Manager, on the hard drive, and in the firewall so that it won't auto-update the program again, you have to ask yourself if you want to keep using a program that disregards user preferences.

In other news: CCleaner updated to version 5.47 today but the update was pulled again later today "because of a user preference that would not save correctly when changed. Reports suggest that the preference was the usage sharing privacy option. Piriform had to pull two releases in two months and there seems no end in sight.

Now you: do you still use CCleaner?