|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Feb,22 2026 Bitcoin Miner Bitdeer Sells Everything: Treasury Hits Zero in AI Feb,22 2026 HW News - More Valve RAM Shortages, Tariffs Ruling, AI Causes PS6 Feb,22 2026 Microsoft's Deep Integration of Copilot in Windows 11 Raises Feb,22 2026 Elon Musk Confirms X Money Now Live in Internal Beta for Employees, Feb,22 2026 Scream (1996) Flashback Review Feb,22 2026 PayPal Confirms Major Breach: SSNs, Emails, and More Exposed from Feb,22 2026 Does Freezing Help Delidding? 9850X3D Delid & Overclocking Test Feb,22 2026 Microsoft is phasing out the custom primary password feature in its Feb,21 2026 Everyone is Buying the Wrong Dash Cam! (2026) Feb,20 2026 Big Brother on Discord: Leaked Code Shows Age Verification Runs You Feb,19 2026 OpenClaw’s Top Skill is a Malware that Stole SSH Keys and Opened Feb,19 2026 Google Adds Satellite SOS to its Affordable Pixel Phone Feb,19 2026 Phison CEO Warns: AI-Driven NAND and DRAM Shortage Could Bankrupt Feb,19 2026 NVIDIA CEO hypes up GTC 2026, promises to unveil a chip that will Feb,19 2026 Microsoft is uploading your confidential emails to Copilot for Feb,18 2026 Anthropic Releases Claude Sonnet 4.6 with Improved Coding, Computer Feb,17 2026 Apple Eyeing A Partnership With Chinese Memory Makers YMTC And CXMT Feb,17 2026 This $60,000 TV was IRRESISTIBLE Feb,17 2026 Keenadu Android Backdoor Infects Firmware, Spreads via Google Play Feb,17 2026 Discord's ID Check Nightmare Sparks Massive Exodus to TeamSpeak Feb,17 2026 Amazing Robot Performance at the 2026 Spring Festival Gala Feb,16 2026 Apple brings video podcasts and other improvements in iOS 26.4 beta Feb,16 2026 Dutch Defence Secretary Boldly Claims F-35 Software Could Be Feb,16 2026 Samsung shows off Galaxy S26 Ultra privacy display Feb,16 2026 60 Million Passwords Exposed? ETH Zurich Shatters 'Unbreakable' Feb,15 2026 Apple MacBook with iPhone chip launches next month Feb,15 2026 Discord's Disturbing Ties to Global Surveillance | ID Verification, Feb,15 2026 20 Mind-Blowing Tech Gadgets You MUST See in 2026! Feb,15 2026 Western Digital's HDD production capacity for 2026 is fully sold Feb,14 2026 Google Releases First Beta Version of Android 17 Feb,14 2026 The Audiophile Gaming Headset - HIFIMAN x ROG Kithara Feb,14 2026 7zip Malware: Beware 7zip.com Feb,14 2026 REDMAGIC 11 Pro Review: Can This Be Your ONLY Phone? Feb,13 2026 Google Docs now has AI-generated audio summaries Feb,13 2026 Apple Patches Actively Exploited Zero-Day Vulnerability Across Feb,13 2026 What is the Windows.old folder and can I delete it? Feb,12 2026 Microsoft AI CEO Mustafa Suleyman: 'Most White Collar Work Will Be Feb,12 2026 Helldivers Movie Lands November 2027 Release, Jason Momoa to Star Feb,12 2026 Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack Feb,11 2026 Apple releases iOS 26.3 and iPadOS 26.3 to the public
>> News Archive <<
| |
|
