|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Oct,27 2025 Malware of the Future: What an infected system looks like in 2025 Oct,27 2025 F1: Race Highlights | 2025 Mexico City Grand Prix Oct,26 2025 F1: Qualifying Highlights | 2025 Mexico City Grand Prix Oct,25 2025 New Big Windows 11 25H2 October Update - New Taskbar Battery Icons Oct,25 2025 Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party Oct,24 2025 HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel Oct,21 2025 Retro Gaming PC Upgrades go WRONG! Oct,21 2025 How social media has ruined us - the more time you spend online, the Oct,20 2025 FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN Oct,20 2025 ROG Xbox Ally X - a PC Gamer's Perspective Oct,20 2025 Race Highlights | 2025 United States Grand Prix Oct,18 2025 RedMagic Puts Liquid Cooling in its New Gaming Phone Oct,18 2025 Russia Says U.S. Is Planning a $37 Trillion Crypto Reset Oct,18 2025 Tor Browser says no to Firefox's AI features as it removes them Oct,14 2025 NVIDIA GeForce 581.57 WHQL Driver Oct,13 2025 Samsung One UI 8.5 vs iOS 26 - COMPARISON Oct,12 2025 Google Turned Down by Supreme Court, Must Open up App Payments Oct,10 2025 AMD releases new 25.10.1 preview graphics driver with Battlefield 6 Oct,10 2025 MERCY Official Trailer (2026) Chris Pratt Oct,07 2025 Galaxy S26 Ultra - Samsung, Please Don't Copy This Oct,06 2025 Canada's Las Vegas Sphere is here - and I game on it Oct,06 2025 Predator: Badlands - Official Final Trailer (2025) Oct,04 2025 Chasing a Gaming World Record Oct,02 2025 Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar Oct,02 2025 iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra Sep,30 2025 iOS 26.0.1 is Out! - What's New? Sep,30 2025 NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h Sep,29 2025 Samsung One UI 8.5 Hands on - I Was Wrong Sep,28 2025 iPhone Air Teardown - What is 3D Printed Titanium? Sep,28 2025 Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T Sep,27 2025 The Astronaut - Official Trailer (2025) Kate Mara, Laurence Sep,25 2025 iPhone 17 Durability Test -- What Scratches are Permanent? Sep,23 2025 iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! Sep,21 2025 Race Highlights: A Swing In The Drivers' Title Fight? | 2025 Sep,21 2025 BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record Sep,21 2025 I'm FIRST to Unbox The World's Biggest TV Sep,21 2025 Samsung Begins Rollout of Android 16 to Rest of Lineup Sep,21 2025 iOS 26 Now Available, with Visual Intelligence Sep,21 2025 Apple's iPhone 17 Series is Nearly Hack-Proof Sep,21 2025 Qualifying Highlights - 2025 Azerbaijan Grand Prix
>> News Archive <<
| |
|
