|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Feb,15 2026 Apple MacBook with iPhone chip launches next month Feb,15 2026 Discord's Disturbing Ties to Global Surveillance | ID Verification, Feb,15 2026 20 Mind-Blowing Tech Gadgets You MUST See in 2026! Feb,15 2026 Western Digital's HDD production capacity for 2026 is fully sold Feb,14 2026 Google Releases First Beta Version of Android 17 Feb,14 2026 The Audiophile Gaming Headset - HIFIMAN x ROG Kithara Feb,14 2026 7zip Malware: Beware 7zip.com Feb,14 2026 REDMAGIC 11 Pro Review: Can This Be Your ONLY Phone? Feb,13 2026 Google Docs now has AI-generated audio summaries Feb,13 2026 Apple Patches Actively Exploited Zero-Day Vulnerability Across Feb,13 2026 What is the Windows.old folder and can I delete it? Feb,12 2026 Microsoft AI CEO Mustafa Suleyman: "Most White Collar Work Will Be Feb,12 2026 Helldivers Movie Lands November 2027 Release, Jason Momoa to Star Feb,12 2026 Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack Feb,11 2026 Apple releases iOS 26.3 and iPadOS 26.3 to the public Feb,11 2026 T-Mobile Announces Live Audio Language Translation as a Network Feb,10 2026 Windows 11 26H1 Drops Exclusively on New Snapdragon X2 Devices - No Feb,10 2026 Fake 7-Zip downloads are turning home PCs into proxy nodes Feb,10 2026 Microsoft Patch Tuesday February 2026 - 54 Vulnerabilities Fixed, Feb,10 2026 Snapdragon X2 Elite Early - Performance Preview Feb,10 2026 AI Chat App Exposes 300 Million Messages from 25 Million Users Feb,09 2026 My Kids can Pick ANY Phone They Want For a Present Feb,09 2026 Microsoft Removes Printer Drivers in Windows 11 Update - What You Feb,09 2026 Apple's Next AirPods Pro Will Literally See the World Around You Feb,09 2026 Beware of Apple Pay Phishing Attack that Aims to Steal Your Payment Feb,08 2026 NASA to Allow Astronauts to Bring Smartphones to Space Feb,08 2026 AT&T Launches New Samsung Phone for Kids Feb,07 2026 Headphones with Noise Cancelling that Don't Stick in your Ear - Feb,07 2026 Microsoft Just Killed Your Old Printer: Legacy Drivers Officially Feb,06 2026 RenEngine Loader and HijackLoader Duo Infects Over 400,000 Gamers in Feb,06 2026 EpsteIn Tool: Check If Your LinkedIn Contacts Appear in 3.5 Million Feb,05 2026 Bitcoin's $64,000 Reality vs. $87K+ Production Costs Sparks Feb,05 2026 Crypto Analyst Issues Urgent 'Final Warning' on XRP: Claims Feb,04 2026 AI-Powered Breach: Hacker Claims AWS Kingdom in Under 10 Minutes Feb,04 2026 Microsoft Axes Standalone SharePoint and OneDrive Plans in Push to Feb,04 2026 Nvidia's $100 billion OpenAI deal has seemingly vanished Feb,04 2026 The Best 14" Gaming Laptops Right Now Feb,04 2026 The Solution to the RAM Crisis is... DDR4??? Feb,03 2026 Google Meet can now join Microsoft Teams calls Feb,03 2026 The Devil Wears Prada 2 - Official Trailer (2026) Meryl Streep, Anne
>> News Archive <<
| |
|
