Updated:07:49 AM EDT Oct 31


this is ggmania.com subsite Microsoft Bypasses HOSTS File - TechAmok

Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment

Dave Korn announced on the Full Disclosure and Bugtraq security lists that Microsoft is bypassing local lookups for some hosts, meaning that you can't locally block some sites through your HOSTS file. All of these sites are MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com

HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com

A quick check suggests that this behavior debuted with XP SP2, and is present on 2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if someone please would.) Although one could argue that this measure is intended to thwart attempts to block updating Microsoft products, it's indefensible because:

1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware technique, a change that causes permanent headaches in situations like yours, and the potential for negative publicity as a result.

2) As far as I know, their malicious software removal tool didn't exist back when this behavior was created, so what good was keeping access to Microsoft open going to do an infected system? What good does it do to install a patch for a vulnerability that's already been exploited onto the computer of the archetypal "home user"?

3) Although it falls in line with removing raw sockets and limiting half-open TCP connections, making these Microsoft hosts and domain unfilterable is even more egregious because of the implications you mentioned, and because this behavior was never publicly documented.

4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware companies whose domains regularly end up in hosts-files would love to be added to the list, too. (So would everyone else whose software reports "anonymous usage statistics" and all the other companies making money from web advertising.*) Going back to #3, it would have been more disruptive but less controversial if they had removed regard for the hosts-file entirely, or made the resolver only consult the hosts-file after all else failed, thereby preventing it from being used for blocking. It's not a great analogy, but this move is sort of like if they had only blocked raw IP packets headed for a Microsoft IP address, instead of raw sockets entirely.

Short overview of recent news articles

Xbox Series X and Xbox Series S launch live stream set for November (Oct,31 2020 )

Samsung Launches Its Own Find-My-Device Service (Oct,30 2020 )

NVIDIA GeForce Game Ready 457.09 WHQL driver (Oct,29 2020 )

AMD announces Radeon RX 6800XT & RX 6900XT (Oct,28 2020 )

Xbox Series X and Xbox Series S unboxing (Oct,28 2020 )

PS5 unboxing (Oct,27 2020 )

Raikkonen Scares Giovinazzi On Nordschleife's Green Hell (Oct,27 2020 )

Russian blogger burns his Mercedes worth 13 million rubles (Oct,27 2020 )

OnePlus Bringing Affordable Nord Series to North America (Oct,27 2020 )

Murder hornets nest found and destroyed in US (Oct,25 2020 )

This 8K Monitor Costs HOW MUCH?! (Oct,25 2020 )

Windows 10 version 20H2 is here - here's what you need to know (Oct,25 2020 )

Broken Squirrel :-D (Oct,24 2020 )

iPhone 12 Pro vs iPhone 12 vs iPhone 11 Pro Camera Test Comparison (Oct,23 2020 )

Apple Updates iPhone 12 Pricing (Oct,23 2020 )

Layers of Fear 2 is Free on Epic Games Store (Oct,23 2020 )

Replacing the T2's MacEFI (Oct,21 2020 )

Cyberpunk 2077 - What You're Looking For (Oct,21 2020 )

AMD Releases Radeon Software Adrenalin 20.10.1 Drivers (Oct,20 2020 )

AMD Ryzen 5 5600X Benchmarked (Oct,19 2020 )

Supercomputer simulates how coronavirus droplets spread (Oct,18 2020 )

BENEDICTION - Iterations (OFFICIAL MUSIC VIDEO) (Oct,18 2020 )

Apple Updates iPhone 12 Pricing (Oct,18 2020 )

ICE-T Interview - Streaming Games (Oct,18 2020 )

The First Look at Boom's Supersonic Plane (Oct,16 2020 )

AMD Ryzen 9 5950X 16-core "Zen 3" Processor Overclocked to 6 GHz (Oct,16 2020 )

Apple Intros Four 5G iPhones (Oct,13 2020 )

Apple Event - October 13 (Oct,13 2020 )

Google Pixel 5 unboxing and first impressions (Oct,13 2020 )

Skydivers Got Stuck Under Plane...Lucky To Cut Free (Oct,10 2020 )

Here's Why Your Phone Battery Sucks (Oct,10 2020 )

Build The Most Beautiful Underground House Villa by Ancient Skills (Oct,10 2020 )

What If You Detonated 1,000,000 Tsar Bombas in the Challenger Deep? (Oct,10 2020 )

The YouTube Magician That Vanished (Oct,10 2020 )

MANK - Official Teaser (Oct,10 2020 )

The Commercial that Killed a Fast Food Chain (Oct,10 2020 )

Windows 10 to support hardware-accelerated AV1 playback (Oct,10 2020 )

Google Assistant Gains Customizable Actions Within Third-Party Apps (Oct,09 2020 )

NVIDIA Could Launch GeForce RTX 3080 / 3070 in December (Oct,09 2020 )

NVIDIA Releases GeForce 456.71 Game Ready Drivers (Oct,07 2020 )

PS5 hardware teardown video (Oct,07 2020 )

Monster Hunter - movie teaser trailer (Oct,06 2020 )

Robot Spy Hummingbird Films HALF A BILLION MONARCH BUTTERFLIES! (Oct,05 2020 )

Free Guy - movie trailer (Oct,05 2020 )

The 100 Meter Swim In 1932 Vs. 2016 (Oct,05 2020 )

New York Launches COVID-19 Exposure Notifications (Oct,05 2020 )

Cyberpunk 2077- No Limits - commercial (Oct,04 2020 )

AMD processors achieve 25% market share (Oct,03 2020 )

NVIDIA GeForce RTX 3070 Launch Postponed to October 29th (Oct,02 2020 )

Microsoft Accelerates x64 Application Support for Windows 10 on Arm (Oct,01 2020 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs