Microsoft Tries Sneaking Telemetry Into Windows 7 "Security-Only" Update

odditory

Here we go again. Microsoft appears to be trying to sneak telemetry into Windows 7 again, this time by disguising it as a "security-only" update.

Released on Patch Tuesday earlier this week, the update (July 9, 2019—KB4507456 (Security-only update)) is billed as having the following "key changes": "Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel".

There is no mention of the bundled Compatibility Appraiser element (KB2952664), and this "security-only" update which includes non-security elements, coupled with Microsoft's usual lack of transparency, has raised suspicions once again.

Woody Leonhard was among those to speak out about the issue:
Microsoft included the KB2952664 functionality (known as the "Compatibility Appraiser") in the Security Quality Monthly Rollups for Windows 7 back in September 2018. The move was announced by Microsoft ahead of time.

With the July 2019-07 Security Only Quality Update KB4507456, Microsoft has slipped this functionality into a security-only patch without any warning, thus adding the "Compatibility Appraiser" and its scheduled tasks (telemetry) to the update. The package details for KB4507456 say it replaces KB2952664 (among other updates).

Come on Microsoft. This is not a security-only update. How do you justify this sneaky behavior? Where is the transparency now?

Contacted by ZDNet's Ed Bott, Microsoft responded with a "terse no comment".

If you've installed the update and want to avoid the appraiser, you can simply disable the following tasks in the Task Scheduler:
  • \Microsoft\Windows\Application Experience\ProgramDataUpdater
  • \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
  • \Microsoft\Windows\Application Experience\AitAgent
https://betanews.com/2019/07/11/microsoft-adds-telemetry-windows-7/
https://www.zdnet.com/article/micro...ding-telemetry-files-to-security-only-update/
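
The task changes listed in the post above, scripted as an added example (not part of the original post or the quoted articles). It uses the Task Scheduler COM interface because the PowerShell 2.0 that ships with Windows 7 has no `Get-ScheduledTask`; the function name `Disable-AppraiserTasks` and its `-ReportOnly` switch are hypothetical names chosen here.

```powershell
# Added example. Run from an elevated PowerShell prompt on the Windows 7 machine.
$kb     = 'KB4507456'                                  # update named in the post
$folder = '\Microsoft\Windows\Application Experience'  # task folder from the post
$names  = 'ProgramDataUpdater', 'Microsoft Compatibility Appraiser', 'AitAgent'

function Disable-AppraiserTasks {
    param([switch]$ReportOnly)   # hypothetical switch: list state, change nothing

    $svc = New-Object -ComObject Schedule.Service
    $svc.Connect()               # connect to the local Task Scheduler service

    foreach ($name in $names) {
        $row = New-Object PSObject -Property @{
            Task = $name; Present = $false; Enabled = $null; LastRun = $null
        }
        try {
            $task = $svc.GetFolder($folder).GetTask($name)
            $row.Present = $true
            $row.LastRun = $task.LastRunTime
            if ($task.Enabled -and -not $ReportOnly) {
                $task.Enabled = $false   # same effect as "Disable" in the Task Scheduler UI
            }
            $row.Enabled = $task.Enabled
        } catch {
            # GetFolder/GetTask throw when the folder or task does not exist;
            # assumption: a given installation may lack one of the three tasks.
        }
        $row
    }
}

# Get-HotFix returns nothing (with the error suppressed) when the update is absent.
$installed = [bool](Get-HotFix -Id $kb -ErrorAction SilentlyContinue)
"{0} installed: {1}" -f $kb, $installed

# Report first; drop -ReportOnly to disable the tasks, then report again to confirm.
Disable-AppraiserTasks -ReportOnly |
    Format-Table Task, Present, Enabled, LastRun -AutoSize
```

Running the report mode again after each later update shows whether any of the three tasks has been re-enabled.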
 
Microsoft up to its old lying, cheating, propagandizing tricks once again.
Well it really more just demonstrates that when they continually "promise" to be more transparent about data collection, it's doublespeak and they're full of it.

Four years into Windows 10 and they're still so arrogant to believe the telemetry gripes will just blow over. Never going to happen. It's like they don't understand their customer base at all.
 
Ah...come on, guys. MS is just trying to make the upgrade path for Win7 users next January just a little easier... can claim next year there's not much more telemetry and privacy invasion in Win10 than say... last July's Win7. They're making the slippery slope much slicker. And isn't that all we really want - to slide into a boiling vat of personal data theft at the microsoft data mining and refining facility?

:p
 
"Come on Microsoft. This is not a security-only update. How do you justify this sneaky behavior?"
Because that is what Microsoft had always done. It's never for what's in the best interests of their customers. ONLY what's in the best interests of Microsoft, and they expect YOU to pay for it. When I buy something, I expect to get service of some sort in return. If they want to service themselves instead, they should be paying US, not the other way around.
Build a better mousetrap, and the world will beat a path to your door, and happily pay for it. Sell them something and then steal from them, and they will hate you. That is why so many people HATE microsoft. Never happy to produce a good product and sell it for a good price and be wildly successful doing that, they always have to get greedy and try to take more, more, more. No one likes the greedy. No one. You can give billions to charity, Bill Gates and the rest, but we know that all of that money actually came from US, and no matter how much money you made, you always just had to have a little more, and not even tell us that you were taking it. So you're not being charitable at all. No, not at all. All you're doing is trying to convince people that you're not a prick; but that ship has sailed a long time ago. Like all the other robber barons, we know the truth about you and your company. While you may even finance a rosy documentary about how windows changed the computer experience for the world (sort of like the documentary 'The Men Who Build America'), The truth about the rotten way M$ has gone about their business will always be well known, because you just keep....messing....up your own reputation.
 
 
This patch isn’t even available on Windows Update... So if they are trying really hard to be sneaky with this one, they didn’t even make it available on the most used update platform.
 
Hell, even with all the telemetry updates on 7 never installed and removing any that were snuck in, I'm still pinging MS. That's why I only use Windows for gaming and quick forum browsing/streaming if I get lazy. Normal usage, I just boot up the Linux based drive and worry less about personal data going where it shouldn't.
 
Haha.....Telemetry.

Wait till they start breaking your stuff, and then charging you for the 'Important' fix/update.
 
Linux users would be shocked to see what countries their distros are pinging........

I really find it amusing when people get upset over patches breaking things on Windows, but when MS includes a component so that MS know what the hell they need to test against when patching things, the internet has a tizzy.

Though if it was billed as a security patch, I hope there is a security reason for this :)
 
No No......This is not effing amusing.
It was not a 'test against' patch that broke shit and pissed me off.
MS came in and stopped my video players from working by reverting a codec, so they could charge people for it.
Yes, it ended up being free, but how many people paid that bullshit?

Telemetry.....that's the least of your worries.
 
It's about time it was made law we are told what any update does, in full, and are given a choice.
It's our computers they are forcefully adding crap to under the guise of security.
It has to stop.

Just so long as they are no longer responsible in any way if something goes wrong with your computer, 100%, that I could agree to that.
 
The choice should be given with a no longer responsible clause, if you choose to do it your own way.
You assume they will be allowed to get away with bundling crap in a security update.
I propose we are given the choice what is installed so we can keep the security updates without the crap.
And if they don't tell the truth there is a penance that will hurt.
 
You assume they will be allowed to get away with bundling crap in a security update.
I propose we are given the choice what is installed so we can keep the security updates without the crap.
And if they don't tell the truth there is a penance that will hurt.
LOL .
 
Hell, even with all the telemetry updates on 7 never installed and removing any that were snuck in, I'm still pinging MS. That's why I only use Windows for gaming and quick forum browsing/streaming if I get lazy. Normal usage, I just boot up the Linux based drive and worry less about personal data going where it shouldn't.

Yep, same here. Boot to Linux for all my normal computing/programming needs and boot to Win 10 for games and the occasional Photoshop session (I dislike Gimp!). Windows 10 is what started my dual booting, before that I only played with Linux in Virtual box.
 
Yep, same here. Boot to Linux for all my normal computing/programming needs and boot to Win 10 for games and the occasional Photoshop session (I dislike Gimp!). Windows 10 is what started my dual booting, before that I only played with Linux in Virtual box.

I do not dual boot and have not in a long time, anymore. If I want to run Linux on bare bones hardware, I will just wipe one of my 3 computers, which are all pretty fast, and install Linux on one of them.
 
I really find it amusing when people get upset over patches breaking things on Windows, but when MS includes a component so that MS know what the hell they need to test against when patching things, the internet has a tizzy.
Because there's no correlation. They're collecting more telemetry than ever while the patches are more broken and inconsistent than ever. How do you square that?

The "we need telemetry to fix what's broken" line isn't translating. Collection of personal data is a multi-billion-dollar business segment now, cool, but then be honest and upfront about it - and give people an opt-out, instead of dancing around pretending it's about just fixing bugs while thousands of datapoints are being hoovered 24/7.

This is the same company that gave us such hits as GWX (force-converted PCs to W10 without user intervention) so they've got a trust problem to say the least.
 
Just so long as they are no longer responsible in any way if something goes wrong with your computer, 100%, that I could agree to that.

Microsoft pretty much disavows all responsibility for crap going wrong on 'your' computer now. How many folks have received 'sorry you lost your data or had to spend time reverting your settings because of the last user tested update fail' checks?
 
Because there's no correlation. They're collecting more telemetry than ever while the patches are more broken and inconsistent than ever. How do you square that?

The "we need telemetry to fix what's broken" excuse doesn't wash. Collection of personal data is a multi-billion-dollar business segment now, cool, but then they should be honest and upfront about it instead of pretending it's about "just fixing bugs".

Especially when it's from the company that gave us such hits as GWX and other trojans under the guise of "security" updates.

really they should give away win10 for free or charge $200 for a clean win7 and give people a choice in the matter. let us vote on what we want.

now they are trying to kill a product that everyone still uses and is perfectly happy with. how would you feel if you went to buy a part for your CAR after 5 yrs and they say "OH YOU CANT GET PARTS TO FIX IT BECAUSE IT IS NOW PAST ITS SUPPORT DATE" either that or it just stops working after so many years. YOU'D BE A PISSED SOB.
 
In some ways, I could see how Microsoft defines this as security related, since Compatibility Appraiser is the same thing which maintains the database of program versions with serious security issues defined as HARDBLOCK which Windows won't allow you to run. Disabling the telemetry and tasks are basic Compatibility Assistance related stuff (old OS compat modes, disable themes, dpi scaling, etc) which can be safely disabled, but it still enforces the HARDBLOCK list. The real question is if they actually did update the HARDBLOCK database, and what they added to it. Still annoying, but for a different reason than only telemetry.
 
I'll care about things like this if and when MS starts preventing users from disabling their bloat. Until then, it can only be feigned outrage while easily changing settings to take complete control of my OS environment.

As for Windows 7 and the sub-Linux neckbeards who at every opportunity mention they still use it, I hope MS does all it can with these updates to prod the 4 people with legitimate installations to upgrade to an OS made this decade.
 
Linux users would be shocked to see what countries their distros are pinging........

I really find it amusing when people get upset over patches breaking things on Windows, but when MS includes a component so that MS know what the hell they need to test against when patching things, the internet has a tizzy.

Though if it was billed as a security patch, I hope there is a security reason for this :)

This is something I've actually specifically tested on a live distro vs Windows 10 using Wireshark. Windows 10 lit Wireshark up like a Christmas tree, the live distro in comparison had barely any traffic at all.

While Ubuntu does have some form of anonymous telemetry, I'm all for it as it may give us some realistic insight free from the manipulation of the two main proprietary players as to actual Linux usage statistics. But essentially, I call bullshit.
 
Ah...come on, guys. MS is just trying to make the upgrade path for Win7 users next January just a little easier... can claim next year there's not much more telemetry and privacy invasion in Win10 than say... last July's Win7. They're making the slippery slope much slicker. And isn't that all we really want - to slide into a boiling vat of personal data theft at the microsoft data mining and refining facility?

:p
If it is related to Windows 7 EoL, then I would understand why they classified it as a security update.
 
In some ways, I could see how Microsoft defines this as security related, since Compatibility Appraiser is the same thing which maintains the database of program versions with serious security issues defined as HARDBLOCK which Windows won't allow you to run. Disabling the telemetry and tasks are basic Compatibility Assistance related stuff (old OS compat modes, disable themes, dpi scaling, etc) which can be safely disabled, but it still enforces the HARDBLOCK list. The real question is if they actually did update the HARDBLOCK database, and what they added to it. Still annoying, but for a different reason than only telemetry.

dude you do realize they keep switching up their telemetry sneakiness w/ every OS update, right? that's why spybot is now charging for, and people are subscribing to, their anti-beacon program. because they are constantly trying new ways to spy on you w/out your knowledge or consent.
 
I'll care about things like this if and when MS starts preventing users from disabling their bloat. Until then, it can only be feigned outrage while easily changing settings to take complete control of my OS environment.

so what setting is it to turn off automatic updating? and can i still choose which updates i want? i was looking for that too.

edit: why is it when i finally get all the telemetry turned off that after the next update there's a bunch of other new telemetry shit running in the background?
 
i think after they kill win 7 i'm switching to proton/linux full time. and maybe have a win10 partition for games that won't run on proton. but you will never catch me surfing on win10, ever, it will be for gaming only.

long live windows 7 ... the last real windows.

bill gates doesn't even have a say in the product anymore. they should have to call it something else now. well i guess periscope is taken. uhh, well spy glass would be too obvious. I KNOW!!! Mirrors!!!... think about it, a mirror is something that is very helpful/useful almost essential in everyday life, but at the same time can be used, without your knowledge, to spy on you and can artificially recreate an image of who/what you are. It's perfect... Mirrors it is!!!! :)
 
i think after they kill win 7 i'm switching to proton/linux full time. and maybe have a win10 partition for games that won't run on proton. but you will never catch me surfing on win10, ever, it will be for gaming only.

long live windows 7 ... the last real windows.

bill gates doesn't even have a say in the product anymore. they should have to call it something else now. well i guess periscope is taken. uhh, well spy glass would be too obvious. I KNOW!!! Mirrors!!!... think about it, a mirror is something that is very helpful/useful almost essential in everyday life, but at the same time can be used, without your knowledge, to spy on you and can artificially recreate an image of who/what you are. It's perfect... Mirrors it is!!!! :)

Perfect. Instead of OneDrive, it would become OneWayMirror. Or with a little cross-branding with Netflix, Black Mirror.
 