MS has nothing to do with this "security-hack".
I run win7.
If avast update/reboots without permission, it simply has been "hack" and nobody wants to FACE that issue. Cognitive dissonance.
My anti-spyware does not recognize that "newer self-updated auto-start from avast" while the old was legit.
The first time (last summer) this happened, I've allowed my anti-spyware to white-list that avast "emupdate". But only to realize that, when updating avast-program, avast did not upgrade. I had to use avast-remover from avast to remove it and then install the new version. Everything when fine, yay! ..... NOT!!! Avast was all ok. But windows-media-player was nowhere to be found, except all kind of messages that I had to re-install WMP, which I try to NO avail. System restore did not work. I had to clean install win7.
This morning, my 2 PCs had rebooted during the night while I was in bed. Luckily, one of them does not restart when the reboot is not legit. After starting it, and log into both, I saw my anti-spyware alert about emupdate once again after those months of repairing what the "first hack of avast" had caused me.
There are TOO MANY toys around avast now (google-chrome, facebook login facility, stream-update, mobile this, mobile-that, cherry-jello, toilet-paper dispenser, etc).
What avast needs is programmers. NOT public-relation personnel.