How Microsoft copied malware techniques to make Get Windows 10 the world's PC pest

JMH

Emeritus, Contributor
Joined
Apr 2, 2012
Posts
7,197
Microsoft uses techniques similar to aggressive malware to promote its “Get Windows 10” offer.

As many readers have discovered, the persistent and constantly changing methods Microsoft uses to continually reintroduce its “Get Windows 10” tool, or GWX, onto computers means it’s extremely difficult to avoid.

Windows users who decline to use it find it is repeatedly reintroduced. The language of the counter-malware industry is more appropriate than the language of enterprise IT for GWX.

GWX subverts a channel intended for one purpose (security hotfixes) for another (advertising); it changes its “attack vectors”, it uses “polymorphic” techniques; and it consistently overrides users' actions and permissions.

Much of the attention in the tech press on combatting GWX has been has focused on eliminating the work of one patch, KB3035583, which constantly reappears on users' PCs, even after removal. However, an investigation shows that ‘583 is a symptom, rather than the cause, of recurring GWX infestations.

The ‘583 patch is most commonly reinstalled by another patch, KB2952664. Once ‘664 is on a system, '583 will be requested for download and installation. Getting rid of, and thereby controlling, '664 could be the key to controlling the sophisticated "Get Windows 10" nagware network.
How Microsoft copied malware techniques to make Get Windows 1 the world's PC pest • The Register
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top