Microsoft Stirs Suspicions By Adding Telemetry Files To Security-Only Update
An anonymous reader quotes a report from ZDNet: As expected, Windows Update dropped off several packages of security and reliability fixes for Windows 7 earlier this week, part of the normal Patch Tuesday delivery cycle for every version of Windows. But some hawk-eyed observers noted a surprise in one of those Windows 7 packages. What was surprising about this month’s Security-only update, formally titled the “July 9, 2019 — KB4507456 (Security-only update),” is that it bundled the Compatibility Appraiser, KB2952664, which is designed to identify issues that could prevent a Windows 7 PC from updating to Windows 10.
Among the fierce corps of Windows Update skeptics, the Compatibility Appraiser tool is to be shunned aggressively. The concern is that these components are being used to prepare for another round of forced updates or to spy on individual PCs. The word telemetry appears in at least one file, and for some observers it’s a short step from seemingly innocuous data collection to outright spyware. […] I strongly suspect that some part of the Appraiser component on Windows 7 SP1 had a security issue of its own. If that’s the case, then the updates indisputably belong in a Security-only update. And if they happen to get installed on systems where administrators had taken special precautions not to install those components, Microsoft’s reaction seems to be, “Well … tough.” “The Appraiser tool was offered via Windows Update, both separately and as part of a monthly rollup update two years ago; as a result, most of the declining population of Windows 7 PCs already has it installed,” the report notes.
of this story at Slashdot.