|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Feb,19 2026 NVIDIA CEO hypes up GTC 2026, promises to unveil a chip that will Feb,19 2026 Microsoft is uploading your confidential emails to Copilot for Feb,18 2026 Anthropic Releases Claude Sonnet 4.6 with Improved Coding, Computer Feb,17 2026 Apple Eyeing A Partnership With Chinese Memory Makers YMTC And CXMT Feb,17 2026 This $60,000 TV was IRRESISTIBLE Feb,17 2026 Keenadu Android Backdoor Infects Firmware, Spreads via Google Play Feb,17 2026 Discord's ID Check Nightmare Sparks Massive Exodus to TeamSpeak Feb,17 2026 Amazing Robot Performance at the 2026 Spring Festival Gala Feb,16 2026 Apple brings video podcasts and other improvements in iOS 26.4 beta Feb,16 2026 Dutch Defence Secretary Boldly Claims F-35 Software Could Be Feb,16 2026 Samsung shows off Galaxy S26 Ultra privacy display Feb,16 2026 60 Million Passwords Exposed? ETH Zurich Shatters 'Unbreakable' Feb,15 2026 Apple MacBook with iPhone chip launches next month Feb,15 2026 Discord's Disturbing Ties to Global Surveillance | ID Verification, Feb,15 2026 20 Mind-Blowing Tech Gadgets You MUST See in 2026! Feb,15 2026 Western Digital's HDD production capacity for 2026 is fully sold Feb,14 2026 Google Releases First Beta Version of Android 17 Feb,14 2026 The Audiophile Gaming Headset - HIFIMAN x ROG Kithara Feb,14 2026 7zip Malware: Beware 7zip.com Feb,14 2026 REDMAGIC 11 Pro Review: Can This Be Your ONLY Phone? Feb,13 2026 Google Docs now has AI-generated audio summaries Feb,13 2026 Apple Patches Actively Exploited Zero-Day Vulnerability Across Feb,13 2026 What is the Windows.old folder and can I delete it? Feb,12 2026 Microsoft AI CEO Mustafa Suleyman: 'Most White Collar Work Will Be Feb,12 2026 Helldivers Movie Lands November 2027 Release, Jason Momoa to Star Feb,12 2026 Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack Feb,11 2026 Apple releases iOS 26.3 and iPadOS 26.3 to the public Feb,11 2026 T-Mobile Announces Live Audio Language Translation as a Network Feb,10 2026 Windows 11 26H1 Drops Exclusively on New Snapdragon X2 Devices - No Feb,10 2026 Fake 7-Zip downloads are turning home PCs into proxy nodes Feb,10 2026 Microsoft Patch Tuesday February 2026 - 54 Vulnerabilities Fixed, Feb,10 2026 Snapdragon X2 Elite Early - Performance Preview Feb,10 2026 AI Chat App Exposes 300 Million Messages from 25 Million Users Feb,09 2026 My Kids can Pick ANY Phone They Want For a Present Feb,09 2026 Microsoft Removes Printer Drivers in Windows 11 Update - What You Feb,09 2026 Apple's Next AirPods Pro Will Literally See the World Around You Feb,09 2026 Beware of Apple Pay Phishing Attack that Aims to Steal Your Payment Feb,08 2026 NASA to Allow Astronauts to Bring Smartphones to Space Feb,08 2026 AT&T Launches New Samsung Phone for Kids Feb,07 2026 Headphones with Noise Cancelling that Don't Stick in your Ear -
>> News Archive <<
| |
|
