|
|
Microsoft Bypasses HOSTS File - TechAmok
Microsoft Bypasses HOSTS File - [security]
09:35 AM EDT - Apr,17 2006 - post a comment Dave Korn announced on the Full Disclosure and Bugtraq security lists that
Microsoft is bypassing local lookups for some hosts, meaning that you can't
locally block some sites through your HOSTS file. All of these sites are
MicroSoft controlled sites:
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
HostsScreenList:
microsoft.com
www.microsoft.com
support.microsoft.com
wustats.microsoft.com
microsoftupdate.microsoft.com
office.microsoft.com
msdn.microsoft.com
go.microsoft.com
msn.com
www.msn.com
msdn.com
www.msdn.com
A quick check suggests that this behavior debuted with XP SP2, and is present on
2003 SP1 as well. (I haven't looked at 2003 RTM, but it would be interesting if
someone please would.) Although one could argue that this measure is intended to
thwart attempts to block updating Microsoft products, it's indefensible because:
1) It's a point-in-time, cat-and-mouse defense against an ephemeral malware
technique, a change that causes permanent headaches in situations like yours,
and the potential for negative publicity as a result.
2) As far as I know, their malicious software removal tool didn't exist back
when this behavior was created, so what good was keeping access to Microsoft
open going to do an infected system? What good does it do to install a patch for
a vulnerability that's already been exploited onto the computer of the
archetypal "home user"?
3) Although it falls in line with removing raw sockets and limiting half-open
TCP connections, making these Microsoft hosts and domain unfilterable is even
more egregious because of the implications you mentioned, and because this
behavior was never publicly documented.
4) Their selectiveness seems unfair. I'm sure all the antivirus/antispyware
companies whose domains regularly end up in hosts-files would love to be added
to the list, too. (So would everyone else whose software reports "anonymous
usage statistics" and all the other companies making money from web
advertising.*) Going back to #3, it would have been more disruptive but less
controversial if they had removed regard for the hosts-file entirely, or made
the resolver only consult the hosts-file after all else failed, thereby
preventing it from being used for blocking. It's not a great analogy, but this
move is sort of like if they had only blocked raw IP packets headed for a
Microsoft IP address, instead of raw sockets entirely.
|
|
Short overview of recent news articles |
|
iPhone 17 Pro VS iPhone 16 Pro VS iPhone 15 Pro VS iPhone 14 Pro (Sep,14 2025 ) What's the AMD Alternative to an RTX 5070? (Sep,11 2025 ) Apple got my wife, they might get me next... (Sep,10 2025 ) Which Phone Has The Fastest Wi-Fi 7? (Sep,09 2025 ) Apple Event - September 9 (Sep,09 2025 ) Ferrari F430 *MANUAL* with TUBI EXHAUST SCREAMING on the AUTOBAHN! (Sep,08 2025 ) AMD Adrenalin 25.9.1 Driver (Sep,08 2025 ) Google Brings AI Text Tools to its Keyboard (Sep,08 2025 ) The Fastest Lap In F1 History: Max Verstappen's Pole Lap | 2025 (Sep,06 2025 ) You can't download and install Windows 11 25H2 yet as Microsoft (Sep,06 2025 ) A House of Dynamite - Official Teaser (2025) Rebecca Ferguson, Greta (Sep,04 2025 ) RTX 5060 Ti 16GB + Ryzen 5 5600 : Test in 17 Games (Sep,04 2025 ) BUGONIA Trailer 2 (2025) Emma Stone, Jesse Plemons (Sep,02 2025 ) Huawei unveils world-leading AI supercharged hard drive to power (Sep,02 2025 ) AM4 Lives: AMD Ryzen 5 5500X3D CPU Review & Benchmarks (Sep,01 2025 ) I was wrong, iPhone IS better than Android...- 30 Day iPhone (Aug,29 2025 ) 303KM/H BMW X5 M50i GPOWER SOUNDS LIKE THUNDER (Aug,29 2025 ) NVIDIA GeForce 581.15 WHQL drivers (Aug,29 2025 ) Apple Intelligence vs Galaxy AI / Google Pixel AI / Xiaomi HyperAI - (Aug,28 2025 ) The Woman in Cabin 10 - Official Trailer (Aug,28 2025 ) YANGWANG U9 Breaks Global EV Top Speed Record (Aug,28 2025 ) AMD B850 Motherboard Roundup: Sub $200 Models (Aug,26 2025 ) Gamers Nexus: Our Channel Could Be Deleted (Aug,25 2025 ) 2025 Audi A5 E-Hybrid 299HP "250KMH is back!!" // REVIEW on (Aug,24 2025 ) I Can't Stop You From Buying This... But I'll Try - GeForce RTX (Aug,23 2025 ) NVIDIA GeForce 581.08 WHQL Driver (Aug,23 2025 ) Murcielago with flames chasing an F1 car on highway (2025) (Aug,21 2025 ) Windows 11 24H2 Security Update Causes SSD/HDD Failures and (Aug,18 2025 ) Samsung Galaxy Z Fold 7 - Tips, Tricks & Hidden Features! (Aug,17 2025 ) 500Hz OLEDs are Awesome - Gigabyte AORUS FO27Q5P Review (Aug,17 2025 ) They Said my Gaming & Badminton Club Would Never OPEN! (Aug,17 2025 ) NVIDIA GeForce Game Ready 580.97 WHQL Driver (Aug,13 2025 ) When your Bro needs a new computer... (Aug,13 2025 ) WhatsApp's latest update is a huge "convenience" for group chats (Aug,12 2025 ) COLLAPSE: Intel is Falling Apart (Aug,12 2025 ) Useless or Genius: NVMe SSD Coolers (Aug,11 2025 ) 2025 NEW! Audi A6 3.0 TFSI - BETTER than BMW 5? / (Aug,11 2025 ) Ryzen 7 5800X3D vs. 9800X3D, Battlefield 6 Open Beta Benchmark (Aug,10 2025 ) How to Enter BIOS from Windows Using CMD | Easiest Method (No Key (Aug,10 2025 ) Battlefield 6 Open Beta Benchmark: 9800X3D vs. 9700X vs. 265K (Aug,09 2025 ) WhatsApp finally adds a useful photo feature for Android users (Aug,09 2025 ) OpenAI announces ChatGPT changes following user feedback (Aug,09 2025 ) Corsair MAKR75 Review - Ultimate DIY Keyboard Kit (Aug,06 2025 ) 1176 Hardware vs Plugin - Is There Really a Difference? (Aug,06 2025 ) Do this NOW: Use Disposable Windows for Maximum Security! (Aug,06 2025 ) CPU/GPU Scaling: Ryzen 7 5800X3D (RTX 5090, 5080, RX 9070 & 9060 XT) (Aug,06 2025 ) XRP To $1000 By 2030... Know What You Hold BUT SELL YOUR XRP HERE: ? (Aug,05 2025 ) NURBURGRING HEAVY RAINSTORM! MANY Fails, Spins & Slippery Action! (Aug,03 2025 ) 2025 Bentley Continental GTC SPEED // REVIEW on AUTOBAHN (Aug,03 2025 ) F1: Qualifying Highlights | 2025 Hungarian Grand Prix (Aug,03 2025 )
>> News Archive <<
| |
|
