|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Jan,18 2026 AI in 2050 Jan,17 2026 iOS 26.2 Fixes Major Security Flaws Jan,17 2026 Google Links its AI to Your Gmail and Photos for "Personal Jan,17 2026 Fastest Koenigsegg v Fastest Bugatti: DRAG RACE Jan,17 2026 Creating a 48GB NVIDIA RTX 4090 GPU Jan,14 2026 CES was frickin weird, guys Jan,12 2026 Lee Cronin's The Mummy - Official Teaser Trailer (2026) Jack Jan,12 2026 Ferrari SF90 XX v Xiaomi SU7 Ultra: DRAG RACE Jan,10 2026 Welcome to the Wasteland - Fallout (American TV series) fan video Jan,09 2026 GOOD LUCK, HAVE FUN, DON'T DIE Trailer 2 (2026) Sam Rockwell Jan,07 2026 NVIDIA Releases GeForce 591.74 WHQL Drivers with DLSS 4.5 Support Jan,07 2026 Predator: Badlands Exclusive Deleted Scene (2025) Jan,06 2026 Greenland 2: Migration - Official Trailer 3 (2026) Gerard Butler, Jan,05 2026 The Best Laptops of 2025 - For Gaming, Creators & Students! Jan,05 2026 Punkt Updates its Privacy-Focused Smartphone Jan,05 2026 Clicks Launches New Ways to Add a Physical Keyboard to Your Life Jan,05 2026 Building a PC for the First Time Jan,03 2026 Building a PC in 2026 Jan,02 2026 I want this phone so bad... - Samsung Galaxy Z TriFold Jan,02 2026 The Real Finewine Strikes Again: Ryzen 5600X, 5700X & 5800XT Revisit Jan,02 2026 Nokia N8 Symbian Re-Awakened With Passion Jan,02 2026 Europe Forces Apple to Open up More of iOS Jan,02 2026 Must have Privacy and Security Tweaks: 2026 Edition Jan,01 2026 How Did RAM Get So Expensive?! Dec,31 2025 GeForce RTX 5090 prices to soar to $5,000 as NVIDIA and AMD prep GPU Dec,30 2025 Hacker arrested for KMSAuto malware campaign with 2.8 million Dec,29 2025 Killer Whale - Official Trailer (2026) Virginia Gardner, Mel Dec,28 2025 NVIDIA Showed Me Their Supercomputer Dec,28 2025 2026 CPU Launches! AMD, Intel & NVIDIA: Buy Now or Wait? Dec,27 2025 Disable this Windows Feature that Secretly Eats Up RAM! Dec,27 2025 New Windows 11 vs Old Malware: Will it survive? Dec,27 2025 Samsung TriFold Durability Test: We found the limit Dec,26 2025 TRUST WALLET CONFIRMS SECURITY BREACH Dec,26 2025 Xiaomi 17 Ultra Leads And Samsung To Follow With A 10 Percent Price Dec,25 2025 Merry Christmas Gaming Insanity Dec,24 2025 Battlefield 6 - Official PS5 Features Trailer Dec,24 2025 NVIDIA GeForce Hotfix Driver 591.67 Released Dec,23 2025 Finally! A Battery That's Better Than Energizer and Duracell! Dec,22 2025 NVIDIA Killing Cheap 16GB Local AI GPUs? Dec,21 2025 Top 10 Movie Sequels of All Time
>> News Archive <<
| |
|
