Heads up: Microsoft is back to snooping with this month's Win7 and 8.1 'security-only' patches

If you thought you could install Microsoft’s 'security-only' patches and just, you know, get security fixes, think again. This month’s KB 4516033 (Win7) and KB 4516064 (Win8.1) install and activate full telemetry.

Two months ago, the July Win7 security-only patch was found to install telemetry software, triggered by newly installed scheduled tasks called ProgramDataUpdater, Microsoft Compatibility Appraiser, and AitAgent. As best I can tell, Microsoft never admitted that its security-only patch dropped a telemetry component.

The August security-only update didn’t include that bit of snooping, so it looked like the July snooping was a one-off aberration.

Now we’re learning that the September security-only patches for both Win 7 and Win 8.1 have this, shall we say, feature.

Back in July, the excuses given for the snooping behavior struck me as disingenuous. Microsoft never commented, but those who defended the sneaky practice referred to the fact that Win7 is approaching end of support, and Microsoft needed the telemetry to help Win7 users move on to greener pastures.

Those excuses don’t work an more. Windows 8.1 doesn’t reach end of support until Jan. 10, 2023. And if the telemetry is intended to improve Win 8.1 features, I’d like to hear about just one feature improvement in the past four years.

What information is Microsoft collecting? I don’t know. Telemetry is frequently downplayed as being largely uninteresting blobs of unattributed data. If that’s the case, why is Microsoft collecting it now, after all these years? It hasn’t even acknowledged (as best I can tell) that it's collecting it via security-only patches.

https://www.computerworld.com/article/3438501/heads-up-microsoft-is-back-to-snooping-with-this-months-win7-and-81-security-only-patches.html