Heads up: Microsoft is back to snooping with this month’s Win7 and 8.1 'security-only' patches

Credit to Author: Woody Leonhard| Date: Thu, 12 Sep 2019 09:32:00 -0700

Two months ago, the July Win7 security-only patch was found to install telemetry software, triggered by newly installed scheduled tasks called ProgramDataUpdater, Microsoft Compatibility Appraiser, and AitAgent. As best I can tell, Microsoft never admitted that its security-only patch dropped a telemetry component.

The August security-only update didn’t include that bit of snooping, so it looked like the July snooping was a one-off aberration.

Now we’re learning that the September security-only patches for both Win 7 and Win 8.1 have this, shall we say, feature.

Back in July, the excuses given for the snooping behavior struck me as disingenuous. Microsoft never commented, but those who defended the sneaky practice referred to the fact that Win7 is approaching end of support, and Microsoft needed the telemetry to help Win7 users move on to greener pastures.

Those excuses don’t work an more. Windows 8.1 doesn’t reach end of support until Jan. 10, 2023. And if the telemetry is intended to improve Win 8.1 features, I’d like to hear about just one feature improvement in the past four years.

What information is Microsoft collecting? I don’t know. Telemetry is frequently downplayed as being largely uninteresting blobs of unattributed data. If that’s the case, why is Microsoft collecting it now, after all these years? It hasn’t even acknowledged (as best I can tell) that it’s collecting it via security-only patches.

If you’ve already installed one of this month’s security-only patches, you can blunt the “phone home” portion by following @abbodi86’s advice:

Disabling (or deleting) these schedule tasks after installation (before reboot) should be enough to turn off the appraiser

MicrosoftWindowsApplication ExperienceProgramDataUpdater

MicrosoftWindowsApplication ExperienceMicrosoft Compatibility Appraiser

MicrosoftWindowsApplication ExperienceAitAgent

In addition, there’s a thorough checklist and walkthrough in AskWoody Knowledge Base article AKB2000012 – Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model.

What on earth are they thinking?

Seriously. Tell me about it on AskWoody.

http://www.computerworld.com/category/security/index.rss